rpms / 389-ds-base

Clone
Source Code
GIT

Blame SOURCES/0062-Ticket-49370-Crash-when-using-a-global-and-local-pw.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-armhfp c7-beta c8-beta-stream-1.4 c8-stream-1.4 c8s-stream-1.4 c8s-stream-ds c9 c9-beta
  1.   058656d9333ed0f618a2dd0618e12186c146f5fb
  2.   SOURCES
  3.   0062-Ticket-49370-Crash-when-using-a-global-and-local-pw.patch
Blob History Raw
058656 
From 3bdd7b5cccd2993c5ae5b9d893be15c71373aaf8 Mon Sep 17 00:00:00 2001
058656 
From: Mark Reynolds <mreynolds@redhat.com>
058656 
Date: Mon, 29 Jan 2018 11:53:33 -0500
058656 
Subject: [PATCH] Ticket 49370 - Crash when using a global and local pw
058656 
 policies
058656
058656 
Description:  This a regression from the previous patch.  We were
058656 
              accidently using a reference to the global pw policy
058656 
              password storage scheme, which was getting freed after
058656 
              pblock was done from an operation.  The next operation
058656 
              then used(and double freed) this memory on the next
058656 
              operation.
058656
058656 
https://pagure.io/389-ds-base/issue/49370
058656
058656 
Reviewed by: tbordaz (Thanks!)
058656
058656 
(cherry picked from commit d86e0f9634e694feb378ee335d29b2e89fd27e2c)
058656 
---
058656 
 ldap/servers/slapd/pw.c | 32 +++++++++++++++++---------------
058656 
 1 file changed, 17 insertions(+), 15 deletions(-)
058656
058656 
diff --git a/ldap/servers/slapd/pw.c b/ldap/servers/slapd/pw.c
058656 
index 3a545e12e..451be364d 100644
058656 
--- a/ldap/servers/slapd/pw.c
058656 
+++ b/ldap/servers/slapd/pw.c
058656 
@@ -209,7 +209,7 @@ pw_name2scheme(char *name)
058656 
     struct pw_scheme *pwsp;
058656 
     struct slapdplugin *p;
058656
058656 
-    if ((p = plugin_get_pwd_storage_scheme(name, strlen(name), PLUGIN_LIST_PWD_STORAGE_SCHEME)) != NULL) {
058656 
+    if (name != NULL && (p = plugin_get_pwd_storage_scheme(name, strlen(name), PLUGIN_LIST_PWD_STORAGE_SCHEME)) != NULL) {
058656 
         pwsp = (struct pw_scheme *)slapi_ch_malloc(sizeof(struct pw_scheme));
058656 
         if (pwsp != NULL) {
058656 
             typedef int (*CMPFP)(char *, char *);
058656 
@@ -1612,18 +1612,18 @@ pw_get_admin_users(passwdPolicy *pwp)
058656 
 passwdPolicy *
058656 
 new_passwdPolicy(Slapi_PBlock *pb, const char *dn)
058656 
 {
058656 
+    slapdFrontendConfig_t *slapdFrontendConfig = NULL;
058656 
     Slapi_ValueSet *values = NULL;
058656 
+    Slapi_Value **sval = NULL;
058656 
     Slapi_Entry *e = NULL, *pw_entry = NULL;
058656 
-    int type_name_disposition = 0;
058656 
+    passwdPolicy *pwdpolicy = NULL;
058656 
+    Slapi_Attr *attr = NULL;
058656 
+    char *pwscheme_name = NULL;
058656 
+    char *attr_name = NULL;
058656 
     char *actual_type_name = NULL;
058656 
+    int type_name_disposition = 0;
058656 
     int attr_free_flags = 0;
058656 
     int rc = 0;
058656 
-    passwdPolicy *pwdpolicy = NULL;
058656 
-    struct pw_scheme *pwdscheme = NULL;
058656 
-    Slapi_Attr *attr;
058656 
-    char *attr_name;
058656 
-    Slapi_Value **sval;
058656 
-    slapdFrontendConfig_t *slapdFrontendConfig;
058656 
     int optype = -1;
058656
058656 
     /* If we already allocated a pw policy, return it */
058656 
@@ -1717,9 +1717,7 @@ new_passwdPolicy(Slapi_PBlock *pb, const char *dn)
058656 
                     pw_entry = get_entry(pb, bvp->bv_val);
058656 
                 }
058656 
             }
058656 
-
058656 
             slapi_vattr_values_free(&values, &actual_type_name, attr_free_flags);
058656 
-
058656 
             slapi_entry_free(e);
058656
058656 
             if (pw_entry == NULL) {
058656 
@@ -1732,7 +1730,11 @@ new_passwdPolicy(Slapi_PBlock *pb, const char *dn)
058656
058656 
             /* Set the default values (from libglobs.c) */
058656 
             pwpolicy_init_defaults(pwdpolicy);
058656 
-            pwdpolicy->pw_storagescheme = slapdFrontendConfig->pw_storagescheme;
058656 
+
058656 
+            /* Set the current storage scheme */
058656 
+            pwscheme_name = config_get_pw_storagescheme();
058656 
+            pwdpolicy->pw_storagescheme = pw_name2scheme(pwscheme_name);
058656 
+            slapi_ch_free_string(&pwscheme_name);
058656
058656 
             /* Set the defined values now */
058656 
             for (slapi_entry_first_attr(pw_entry, &attr); attr;
058656 
@@ -1865,6 +1867,7 @@ new_passwdPolicy(Slapi_PBlock *pb, const char *dn)
058656 
                     }
058656 
                 } else if (!strcasecmp(attr_name, "passwordstoragescheme")) {
058656 
                     if ((sval = attr_get_present_values(attr))) {
058656 
+                        free_pw_scheme(pwdpolicy->pw_storagescheme);
058656 
                         pwdpolicy->pw_storagescheme =
058656 
                             pw_name2scheme((char *)slapi_value_get_string(*sval));
058656 
                     }
058656 
@@ -1924,10 +1927,9 @@ done:
058656 
      * structure from slapdFrontendconfig
058656 
      */
058656 
     *pwdpolicy = slapdFrontendConfig->pw_policy;
058656 
-    pwdscheme = (struct pw_scheme *)slapi_ch_calloc(1, sizeof(struct pw_scheme));
058656 
-    *pwdscheme = *slapdFrontendConfig->pw_storagescheme;
058656 
-    pwdscheme->pws_name = strdup(slapdFrontendConfig->pw_storagescheme->pws_name);
058656 
-    pwdpolicy->pw_storagescheme = pwdscheme;
058656 
+    pwscheme_name = config_get_pw_storagescheme();
058656 
+    pwdpolicy->pw_storagescheme = pw_name2scheme(pwscheme_name);
058656 
+    slapi_ch_free_string(&pwscheme_name);
058656 
     pwdpolicy->pw_admin = slapi_sdn_dup(slapdFrontendConfig->pw_policy.pw_admin);
058656 
     pw_get_admin_users(pwdpolicy);
058656 
     if (pb) {
058656 
--
058656 
2.13.6
058656

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation