From d362196eda904e95cf99e7c784b7dfda36b05e21 Mon Sep 17 00:00:00 2001
From: Mark Reynolds <mreynolds@redhat.com>
Date: Mon, 25 Mar 2013 10:35:31 -0400
Subject: [PATCH 41/42] Ticket 628 - crash in aci evaluation
Bug Description: When trying to get effective rights on a entry that does not exist,
can lead to a crash from dereferencing a NULL pointer.
Fix Description: Check for NULL entry pointers and return the appropriate error.
https://fedorahosted.org/389/ticket/628
Reviewed by: nhosoi(Thanks Noriko!)
(cherry picked from commit ac8ceb91e42c31672147018d9d654879970dd38d)
---
ldap/servers/slapd/entry.c | 28 +++++++++++++++++-----------
1 file changed, 17 insertions(+), 11 deletions(-)
diff --git a/ldap/servers/slapd/entry.c b/ldap/servers/slapd/entry.c
index 58a9d51..1926417 100644
--- a/ldap/servers/slapd/entry.c
+++ b/ldap/servers/slapd/entry.c
@@ -2312,7 +2312,11 @@ slapi_entry_next_attr( const Slapi_Entry *e, Slapi_Attr *prevattr, Slapi_Attr **
int
slapi_entry_attr_find( const Slapi_Entry *e, const char *type, Slapi_Attr **a )
{
- int r= -1;
+ int r = -1;
+
+ if(e == NULL){
+ return r;
+ }
*a = attrlist_find( e->e_attrs, type );
if (*a != NULL)
{
@@ -2323,11 +2327,11 @@ slapi_entry_attr_find( const Slapi_Entry *e, const char *type, Slapi_Attr **a )
* Our state information storage scheme can cause this, since
* we have to hang onto the deleted value state information.
*/
- *a= NULL;
+ *a = NULL;
}
else
{
- r= 0;
+ r = 0;
}
}
return r;
@@ -2951,18 +2955,20 @@ slapi_entry_attr_has_syntax_value(const Slapi_Entry *e,
const char *type,
const Slapi_Value *value)
{
- int r= 0;
- Slapi_Attr *attr;
+ int r = 0;
+ Slapi_Attr *attr;
+ if(e == NULL){
+ return r;
+ }
if(slapi_entry_attr_find(e, type, &attr)==0)
{
- const struct berval *bv = slapi_value_get_berval(value);
+ const struct berval *bv = slapi_value_get_berval(value);
- if ( bv != NULL) {
- r = (slapi_attr_value_find(attr, bv) == 0);
- }
-
- }
+ if ( bv != NULL) {
+ r = (slapi_attr_value_find(attr, bv) == 0);
+ }
+ }
return r;
}
--
1.8.1.4