andykimpe / rpms / 389-ds-base

Forked from rpms/389-ds-base 7 months ago
Clone
Blob Blame History Raw
From 81e9e6431293cbdde5b037c88e5c644f39d3d14d Mon Sep 17 00:00:00 2001
From: tbordaz <tbordaz@redhat.com>
Date: Tue, 27 Apr 2021 09:29:32 +0200
Subject: [PATCH 1/2] Issue 4711 - SIGSEV with sync_repl (#4738)

Bug description:
	sync_repl sends back entries identified with a unique
	identifier that is 'nsuniqueid'. If 'nsuniqueid' is
	missing, then it may crash

Fix description:
	Check a nsuniqueid is available else returns OP_ERR

relates: https://github.com/389ds/389-ds-base/issues/4711

Reviewed by: Pierre Rogier, James Chapman, William Brown (Thanks!)

Platforms tested:  F33
---
 ldap/servers/plugins/sync/sync_util.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/ldap/servers/plugins/sync/sync_util.c b/ldap/servers/plugins/sync/sync_util.c
index e64d519e1..bdba0a6c2 100644
--- a/ldap/servers/plugins/sync/sync_util.c
+++ b/ldap/servers/plugins/sync/sync_util.c
@@ -127,8 +127,8 @@ sync_create_state_control(Slapi_Entry *e, LDAPControl **ctrlp, int type, Sync_Co
     BerElement *ber;
     struct berval *bvp;
     char *uuid;
-    Slapi_Attr *attr;
-    Slapi_Value *val;
+    Slapi_Attr *attr = NULL;
+    Slapi_Value *val = NULL;
 
     if (type == LDAP_SYNC_NONE || ctrlp == NULL || (ber = der_alloc()) == NULL) {
         return (LDAP_OPERATIONS_ERROR);
@@ -138,6 +138,14 @@ sync_create_state_control(Slapi_Entry *e, LDAPControl **ctrlp, int type, Sync_Co
 
     slapi_entry_attr_find(e, SLAPI_ATTR_UNIQUEID, &attr);
     slapi_attr_first_value(attr, &val);
+    if ((attr == NULL) || (val == NULL)) {
+        /* It may happen with entries in special backends
+         * such like cn=config, cn=shema, cn=monitor...
+         */
+        slapi_log_err(SLAPI_LOG_ERR, SYNC_PLUGIN_SUBSYSTEM,
+                      "sync_create_state_control - Entries are missing nsuniqueid. Unable to proceed.\n");
+        return (LDAP_OPERATIONS_ERROR);
+    }
     uuid = sync_nsuniqueid2uuid(slapi_value_get_string(val));
     if ((rc = ber_printf(ber, "{eo", type, uuid, 16)) != -1) {
         if (cookie) {
-- 
2.31.1