From d362196eda904e95cf99e7c784b7dfda36b05e21 Mon Sep 17 00:00:00 2001 From: Mark Reynolds Date: Mon, 25 Mar 2013 10:35:31 -0400 Subject: [PATCH 41/42] Ticket 628 - crash in aci evaluation Bug Description: When trying to get effective rights on a entry that does not exist, can lead to a crash from dereferencing a NULL pointer. Fix Description: Check for NULL entry pointers and return the appropriate error. https://fedorahosted.org/389/ticket/628 Reviewed by: nhosoi(Thanks Noriko!) (cherry picked from commit ac8ceb91e42c31672147018d9d654879970dd38d) --- ldap/servers/slapd/entry.c | 28 +++++++++++++++++----------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/ldap/servers/slapd/entry.c b/ldap/servers/slapd/entry.c index 58a9d51..1926417 100644 --- a/ldap/servers/slapd/entry.c +++ b/ldap/servers/slapd/entry.c @@ -2312,7 +2312,11 @@ slapi_entry_next_attr( const Slapi_Entry *e, Slapi_Attr *prevattr, Slapi_Attr ** int slapi_entry_attr_find( const Slapi_Entry *e, const char *type, Slapi_Attr **a ) { - int r= -1; + int r = -1; + + if(e == NULL){ + return r; + } *a = attrlist_find( e->e_attrs, type ); if (*a != NULL) { @@ -2323,11 +2327,11 @@ slapi_entry_attr_find( const Slapi_Entry *e, const char *type, Slapi_Attr **a ) * Our state information storage scheme can cause this, since * we have to hang onto the deleted value state information. */ - *a= NULL; + *a = NULL; } else { - r= 0; + r = 0; } } return r; @@ -2951,18 +2955,20 @@ slapi_entry_attr_has_syntax_value(const Slapi_Entry *e, const char *type, const Slapi_Value *value) { - int r= 0; - Slapi_Attr *attr; + int r = 0; + Slapi_Attr *attr; + if(e == NULL){ + return r; + } if(slapi_entry_attr_find(e, type, &attr)==0) { - const struct berval *bv = slapi_value_get_berval(value); + const struct berval *bv = slapi_value_get_berval(value); - if ( bv != NULL) { - r = (slapi_attr_value_find(attr, bv) == 0); - } - - } + if ( bv != NULL) { + r = (slapi_attr_value_find(attr, bv) == 0); + } + } return r; } -- 1.8.1.4