From 3bdd7b5cccd2993c5ae5b9d893be15c71373aaf8 Mon Sep 17 00:00:00 2001
From: Mark Reynolds <mreynolds@redhat.com>
Date: Mon, 29 Jan 2018 11:53:33 -0500
Subject: [PATCH] Ticket 49370 - Crash when using a global and local pw 
 policies
Description:  This is a regression from the previous patch.  We were
              accidentally using a reference to the global pw policy
              password storage scheme, which was getting freed after
              pblock was done from an operation.  The next operation
              then used (and double freed) this memory.
https://pagure.io/389-ds-base/issue/49370
Reviewed by: tbordaz (Thanks!)
(cherry picked from commit d86e0f9634e694feb378ee335d29b2e89fd27e2c)
---
 ldap/servers/slapd/pw.c | 32 +++++++++++++++++---------------
 1 file changed, 17 insertions(+), 15 deletions(-)
diff --git a/ldap/servers/slapd/pw.c b/ldap/servers/slapd/pw.c
index 3a545e12e..451be364d 100644
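--- a/ldap/servers/slapd/pw.c
+++ b/ldap/servers/slapd/pw.c
@@ -209,7 +209,7 @@ pw_name2scheme(char *name)
     struct pw_scheme *pwsp;
     struct slapdplugin *p;
 
-    if ((p = plugin_get_pwd_storage_scheme(name, strlen(name), PLUGIN_LIST_PWD_STORAGE_SCHEME)) != NULL) {
+    if (name != NULL && (p = plugin_get_pwd_storage_scheme(name, strlen(name), PLUGIN_LIST_PWD_STORAGE_SCHEME)) != NULL) {
         pwsp = (struct pw_scheme *)slapi_ch_malloc(sizeof(struct pw_scheme));
         if (pwsp != NULL) {
             typedef int (*CMPFP)(char *, char *);
@@ -1612,18 +1612,18 @@ pw_get_admin_users(passwdPolicy *pwp)
 passwdPolicy *
 new_passwdPolicy(Slapi_PBlock *pb, const char *dn)
 {
+    slapdFrontendConfig_t *slapdFrontendConfig = NULL;
     Slapi_ValueSet *values = NULL;
+    Slapi_Value **sval = NULL;
     Slapi_Entry *e = NULL, *pw_entry = NULL;
-    int type_name_disposition = 0;
+    passwdPolicy *pwdpolicy = NULL;
+    Slapi_Attr *attr = NULL;
+    char *pwscheme_name = NULL;
+    char *attr_name = NULL;
     char *actual_type_name = NULL;
+    int type_name_disposition = 0;
     int attr_free_flags = 0;
     int rc = 0;
-    passwdPolicy *pwdpolicy = NULL;
-    struct pw_scheme *pwdscheme = NULL;
-    Slapi_Attr *attr;
-    char *attr_name;
-    Slapi_Value **sval;
-    slapdFrontendConfig_t *slapdFrontendConfig;
     int optype = -1;
 
     /* If we already allocated a pw policy, return it */
@@ -1717,9 +1717,7 @@ new_passwdPolicy(Slapi_PBlock *pb, const char *dn)
                     pw_entry = get_entry(pb, bvp->bv_val);
                 }
             }
-
             slapi_vattr_values_free(&values, &actual_type_name, attr_free_flags);
-
             slapi_entry_free(e);
 
             if (pw_entry == NULL) {
@@ -1732,7 +1730,11 @@ new_passwdPolicy(Slapi_PBlock *pb, const char *dn)
 
             /* Set the default values (from libglobs.c) */
             pwpolicy_init_defaults(pwdpolicy);
-            pwdpolicy->pw_storagescheme = slapdFrontendConfig->pw_storagescheme;
+
+            /* Set the current storage scheme */
+            pwscheme_name = config_get_pw_storagescheme();
+            pwdpolicy->pw_storagescheme = pw_name2scheme(pwscheme_name);
+            slapi_ch_free_string(&pwscheme_name);
 
             /* Set the defined values now */
             for (slapi_entry_first_attr(pw_entry, &attr); attr;
@@ -1865,6 +1867,7 @@ new_passwdPolicy(Slapi_PBlock *pb, const char *dn)
                     }
                 } else if (!strcasecmp(attr_name, "passwordstoragescheme")) {
                     if ((sval = attr_get_present_values(attr))) {
+                        free_pw_scheme(pwdpolicy->pw_storagescheme);
                         pwdpolicy->pw_storagescheme =
                             pw_name2scheme((char *)slapi_value_get_string(*sval));
                     }
@@ -1924,10 +1927,9 @@ done:
      * structure from slapdFrontendconfig
      */
     *pwdpolicy = slapdFrontendConfig->pw_policy;
-    pwdscheme = (struct pw_scheme *)slapi_ch_calloc(1, sizeof(struct pw_scheme));
-    *pwdscheme = *slapdFrontendConfig->pw_storagescheme;
-    pwdscheme->pws_name = strdup(slapdFrontendConfig->pw_storagescheme->pws_name);
-    pwdpolicy->pw_storagescheme = pwdscheme;
+    pwscheme_name = config_get_pw_storagescheme();
+    pwdpolicy->pw_storagescheme = pw_name2scheme(pwscheme_name);
+    slapi_ch_free_string(&pwscheme_name);
     pwdpolicy->pw_admin = slapi_sdn_dup(slapdFrontendConfig->pw_policy.pw_admin);
     pw_get_admin_users(pwdpolicy);
     if (pb) {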
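Review bot: In the `passwordstoragescheme` branch (hunk at -1865), the default scheme is freed before the replacement lookup is known to have succeeded, so a local policy naming an unregistered scheme leaves `pwdpolicy->pw_storagescheme` holding whatever `pw_name2scheme()` returns on a miss — presumably NULL, though that path is outside the hunks. Consider looking up first and swapping only on success: `struct pw_scheme *s = pw_name2scheme((char *)slapi_value_get_string(*sval));` followed by `if (s != NULL) { free_pw_scheme(pwdpolicy->pw_storagescheme); pwdpolicy->pw_storagescheme = s; }`. The same miss is possible for the default built from `config_get_pw_storagescheme()`, so `free_pw_scheme()` has to tolerate a NULL argument; its body is not visible here and should be confirmed. A short ownership comment at both assignment sites, e.g. `/* pwdpolicy owns this copy; never alias slapdFrontendConfig->pw_storagescheme */`, would help keep the aliasing that caused the double free from being reintroduced. new_passwdPolicy's body starts and ends outside these hunks.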
-- 
2.13.6