[Fedora-directory-commits] ldapserver/ldap/servers/plugins/statechange statechange.c, 1.6, 1.7
Richard Allen Megginson (rmeggins)
fedora-directory-commits at redhat.com
Thu Oct 18 22:25:16 UTC 2007
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/statechange
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv3904/ldapserver/ldap/servers/plugins/statechange
Modified Files:
statechange.c
Log Message:
Resolves: bug 297221
Bug Description: rhds71 Malformed Dynamic Authorization Group makes Directory Server Crash
Reviewed by: nhosoi (Thanks!)
Fix Description: The problem was that we were not checking the return value of slapi_str2filter(). I added a check at the crash site, and it will not print out a helpful error message. I did a search through the code looking for other similar places and found a couple. I added similar code in those places.
I added an initialization of a buffer to null, as suggested by nhosoi.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
Index: statechange.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/statechange/statechange.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- statechange.c 10 Nov 2006 23:45:30 -0000 1.6
+++ statechange.c 18 Oct 2007 22:25:14 -0000 1.7
@@ -331,7 +331,17 @@
item->dn = 0;
item->filter = slapi_ch_strdup(filter);
item->caller_data = caller_data;
- item->realfilter = slapi_str2filter(writable_filter);
+ if (NULL == (item->realfilter = slapi_str2filter(writable_filter))) {
+ slapi_log_error(SLAPI_LOG_FATAL, SCN_PLUGIN_SUBSYSTEM,
+ "Error: invalid filter in statechange entry [%s]: [%s]\n",
+ dn, filter);
+ slapi_ch_free_string(&item->caller_id);
+ slapi_ch_free_string(&item->dn);
+ slapi_ch_free_string(&item->filter);
+ slapi_ch_free_string(&writable_filter);
+ slapi_ch_free((void **)&item);
+ return -1;
+ }
item->func = func;
slapi_lock_mutex(buffer_lock);
More information about the Fedora-directory-commits
mailing list