[Fedora-directory-commits] ldapserver/ldap/servers/plugins/statechange statechange.c, 1.6, 1.7

[Richard Allen Megginson (rmeggins)]

Author: rmeggins

Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/statechange
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv3904/ldapserver/ldap/servers/plugins/statechange

Modified Files:
	statechange.c 
Log Message:
Resolves: bug 297221
Bug Description: rhds71 Malformed Dynamic Authorization Group makes Directory Server Crash
Reviewed by: nhosoi (Thanks!)
Fix Description: The problem was that we were not checking the return value of slapi_str2filter().  I added a check at the crash site, and it will not print out a helpful error message.  I did a search through the code looking for other similar places and found a couple.  I added similar code in those places.
I added an initialization of a buffer to null, as suggested by nhosoi.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no



Index: statechange.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/statechange/statechange.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- statechange.c	10 Nov 2006 23:45:30 -0000	1.6
+++ statechange.c	18 Oct 2007 22:25:14 -0000	1.7
@@ -331,7 +331,17 @@
 			item->dn = 0;
 		item->filter = slapi_ch_strdup(filter);
 		item->caller_data = caller_data;
-		item->realfilter = slapi_str2filter(writable_filter);
+		if (NULL == (item->realfilter = slapi_str2filter(writable_filter))) {
+			slapi_log_error(SLAPI_LOG_FATAL, SCN_PLUGIN_SUBSYSTEM,
+							"Error: invalid filter in statechange entry [%s]: [%s]\n",
+							dn, filter);
+			slapi_ch_free_string(&item->caller_id);
+			slapi_ch_free_string(&item->dn);
+			slapi_ch_free_string(&item->filter);
+			slapi_ch_free_string(&writable_filter);
+			slapi_ch_free((void **)&item);
+			return -1;
+		}
 		item->func = func;
 
 		slapi_lock_mutex(buffer_lock);