IPA: Check RDN in ipa_add_ad_memberships_get_next

LDB functions ldb_dn_get_component_val and ldb_dn_get_rdn_val
validate dn before returning component value.
It should be valid DN according to RFC4514.

IPA/389ds might return problematic DN due to replication conflicts.
e.g. "cn=System: Read Service Delegations+nsuniqueid=b0736336-d06e11e5-8e8acabe-ce8d458d,cn=permissions,dc=example,dc=com"

It's better to check return value of these LDb function rather than
crash because of dereference of NULL pointer.

Resolves:
https://fedorahosted.org/sssd/ticket/2980

Reviewed-by: Sumit Bose <sbose@redhat.com>

0 files changed, 0 insertions, 0 deletions