diff options
| author | Nathan Kinder <nkinder@redhat.com> | 2010-09-08 07:58:15 -0700 |
|---|---|---|
| committer | Nathan Kinder <nkinder@redhat.com> | 2010-09-08 10:40:03 -0700 |
| commit | a333e683d6b15eafb5a098e581eb7a281b15137c (patch) | |
| tree | d06454d05c048903931d2096441d141611202682 /ldap | |
| parent | a733cd11e91d956242452ba4dd1d37406bec4aa4 (diff) | |
| download | ds-a333e683d6b15eafb5a098e581eb7a281b15137c.tar.gz ds-a333e683d6b15eafb5a098e581eb7a281b15137c.tar.xz ds-a333e683d6b15eafb5a098e581eb7a281b15137c.zip | |
Bug 630096 - (cov#15449,15450) Check return value of stat()
We were not checking the return value of stat() before attempting
to access the structure that stat fille in in the protect_db code.
This patch checks the return value first.
Diffstat (limited to 'ldap')
| -rw-r--r-- | ldap/servers/slapd/protect_db.c | 9 | ||||
| -rw-r--r-- | ldap/servers/slapd/protect_db.h | 3 |
2 files changed, 8 insertions, 4 deletions
diff --git a/ldap/servers/slapd/protect_db.c b/ldap/servers/slapd/protect_db.c index c90c8001..ce113948 100644 --- a/ldap/servers/slapd/protect_db.c +++ b/ldap/servers/slapd/protect_db.c @@ -205,10 +205,12 @@ make_sure_dir_exists(char *dir) slapdFrontendConfig->localuserinfo != NULL) { pw = slapdFrontendConfig->localuserinfo; if (chown(dir, pw->pw_uid, -1) == -1) { - stat(dir, &stat_buffer); - if (stat_buffer.st_uid != pw->pw_uid) { + if ((stat(dir, &stat_buffer) == 0) && (stat_buffer.st_uid != pw->pw_uid)) { LDAPDebug(LDAP_DEBUG_ANY, CHOWN_WARNING, dir, 0, 0); return 1; + } else { + LDAPDebug(LDAP_DEBUG_ANY, STAT_ERROR, dir, errno, 0); + return 1; } } } @@ -242,8 +244,7 @@ add_this_process_to(char *dir_name) slapdFrontendConfig->localuserinfo != NULL) { pw = slapdFrontendConfig->localuserinfo; if (chown(file_name, pw->pw_uid, -1) == -1) { - stat(file_name, &stat_buffer); - if (stat_buffer.st_uid != pw->pw_uid) { + if ((stat(file_name, &stat_buffer) == 0) && (stat_buffer.st_uid != pw->pw_uid)) { LDAPDebug(LDAP_DEBUG_ANY, CHOWN_WARNING, file_name, 0, 0); } } diff --git a/ldap/servers/slapd/protect_db.h b/ldap/servers/slapd/protect_db.h index 1def34c9..bbb5324f 100644 --- a/ldap/servers/slapd/protect_db.h +++ b/ldap/servers/slapd/protect_db.h @@ -76,6 +76,9 @@ void remove_slapd_process(); #define CHOWN_WARNING "Warning - couldn't set the ownership for %s\n" /* file name */ +#define STAT_ERROR "Error - unable to stat %s (error %d)\n" + /* file name, error number */ + #define NO_SERVER_DUE_TO_SERVER "Unable to start slapd because it is already running as process %d\n" /* pid of running slapd process */ |