From 232609fb5a01810c716de4bedddff97cd1eb3080 Mon Sep 17 00:00:00 2001 From: Mark Reynolds Date: Mon, 25 Mar 2013 10:35:31 -0400 Subject: [PATCH] Ticket 628 - crash in aci evaluation Bug Description: When trying to get effective rights on a entry that does not exist, can lead to a crash from dereferencing a NULL pointer. Fix Description: Check for NULL entry pointers and return the appropriate error. https://fedorahosted.org/389/ticket/628 Reviewed by: ? --- ldap/servers/slapd/entry.c | 28 +++++++++++++++++----------- 1 files changed, 17 insertions(+), 11 deletions(-) diff --git a/ldap/servers/slapd/entry.c b/ldap/servers/slapd/entry.c index ebd49de..1d12793 100644 --- a/ldap/servers/slapd/entry.c +++ b/ldap/servers/slapd/entry.c @@ -2362,7 +2362,11 @@ slapi_entry_next_attr( const Slapi_Entry *e, Slapi_Attr *prevattr, Slapi_Attr ** int slapi_entry_attr_find( const Slapi_Entry *e, const char *type, Slapi_Attr **a ) { - int r= -1; + int r = -1; + + if(e == NULL){ + return r; + } *a = attrlist_find( e->e_attrs, type ); if (*a != NULL) { @@ -2373,11 +2377,11 @@ slapi_entry_attr_find( const Slapi_Entry *e, const char *type, Slapi_Attr **a ) * Our state information storage scheme can cause this, since * we have to hang onto the deleted value state information. */ - *a= NULL; + *a = NULL; } else { - r= 0; + r = 0; } } return r; @@ -3025,18 +3029,20 @@ slapi_entry_attr_has_syntax_value(const Slapi_Entry *e, const char *type, const Slapi_Value *value) { - int r= 0; - Slapi_Attr *attr; + int r = 0; + Slapi_Attr *attr; + if(e == NULL){ + return r; + } if(slapi_entry_attr_find(e, type, &attr)==0) { - const struct berval *bv = slapi_value_get_berval(value); + const struct berval *bv = slapi_value_get_berval(value); - if ( bv != NULL) { - r = (slapi_attr_value_find(attr, bv) == 0); - } - - } + if ( bv != NULL) { + r = (slapi_attr_value_find(attr, bv) == 0); + } + } return r; } -- 1.7.1