From 79ffa81a6fe6d310f26979d61dbf79364ee9a668 Mon Sep 17 00:00:00 2001
From: Noriko Hosoi <nhosoi@redhat.com>
Date: Fri, 9 Jan 2015 14:22:50 -0800
Subject: [PATCH 299/305] Ticket #47905 - Bad manipulation of passwordhistory
Description: The patch was provided by German Parente (gparente@redhat.com)
https://fedorahosted.org/389/ticket/47905#comment:6
If a value of password policy attribute (e.g., passwordhistory) is
accidentally deleted, it causes a null reference in pw_val2scheme.
This patch checks whether val is NULL or not. If the given val is
NULL, pw_val2scheme returns NULL.
https://fedorahosted.org/389/ticket/47905
Reviewed by nhosoi@redhat.com.
(cherry picked from commit 2c6e74adbea3c4799f30b0e3d679da9dd060ff58)
(cherry picked from commit baa26c96e873916d4c02651b04de7ca2a578863d)
(cherry picked from commit a9dee00b79016a51ebfed01c92267b751c5986de)
(cherry picked from commit bf274554956196b4fc3f80f60c1b61de28a1b9d2)
(cherry picked from commit 6b85c3a655896363826fe5aacee9e7493fcb9ca9)
---
ldap/servers/slapd/pw.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/ldap/servers/slapd/pw.c b/ldap/servers/slapd/pw.c
index 0349c5a..73fcfa9 100644
--- a/ldap/servers/slapd/pw.c
+++ b/ldap/servers/slapd/pw.c
@@ -145,7 +145,7 @@ slapi_pw_find_sv(
LDAPDebug( LDAP_DEBUG_TRACE, "=> slapi_pw_find value: \"%s\"\n", slapi_value_get_string(v), 0, 0 ); /* JCM Innards */
- for ( i = 0; vals[i] != NULL; i++ )
+ for ( i = 0; vals && vals[i]; i++ )
{
pwsp = pw_val2scheme( (char*)slapi_value_get_string(vals[i]), &valpwd, 1 ); /* JCM Innards*/
if ( pwsp != NULL &&
@@ -287,9 +287,12 @@ struct pw_scheme *
pw_val2scheme( char *val, char **valpwdp, int first_is_default )
{
struct pw_scheme *pwsp;
- int namelen, prefixlen;
+ int namelen, prefixlen;
char *end, buf[ PWD_MAX_NAME_LEN + 1 ];
+ if (NULL == val) {
+ return( NULL );
+ }
if ( *val != PWD_HASH_PREFIX_START ||
( end = strchr( val, PWD_HASH_PREFIX_END )) == NULL ||
( namelen = end - val - 1 ) > PWD_MAX_NAME_LEN ) {
--
1.9.3