Blame SOURCES/0067-Ticket-49380-Crash-when-adding-invalid-replication.patch

6405db
From af59afa03296160577e419257772d5319796a992 Mon Sep 17 00:00:00 2001
6405db
From: Mark Reynolds <mreynolds@redhat.com>
6405db
Date: Thu, 14 Sep 2017 08:32:11 -0400
6405db
Subject: [PATCH] Ticket 49380 - Crash when adding invalid replication 
6405db
 agreement
6405db
6405db
    Bug Description:  If you add a replication agreement with an invalid "replicaEnabled" value
6405db
                      the server crashes when freeing the replica schedule.  This is because the
6405db
                      schedule never gets allocated before the rror conidtion is hit, and then
6405db
                      it get dereferenced.
6405db
6405db
    Fix Description:  Check for a NULL schedule before trying to destroy it.
6405db
6405db
    https://pagure.io/389-ds-base/issue/49380
6405db
6405db
    Reviewed by: tbordaz(Thanks!)
6405db
---
6405db
 ldap/servers/plugins/replication/repl5_schedule.c | 10 +++++++++-
6405db
 1 file changed, 9 insertions(+), 1 deletion(-)
6405db
6405db
diff --git a/ldap/servers/plugins/replication/repl5_schedule.c b/ldap/servers/plugins/replication/repl5_schedule.c
6405db
index 60ee6f2..4572e63 100644
6405db
--- a/ldap/servers/plugins/replication/repl5_schedule.c
6405db
+++ b/ldap/servers/plugins/replication/repl5_schedule.c
6405db
@@ -130,6 +130,10 @@ schedule_destroy(Schedule *s)
6405db
 {
6405db
 	int i;
6405db
 
6405db
+	if (s == NULL) {
6405db
+		return;
6405db
+	}
6405db
+
6405db
     /* unschedule update window event if exists */
6405db
     unschedule_window_state_change_event (s);
6405db
 
6405db
@@ -177,11 +181,15 @@ free_schedule_list(schedule_item **schedule_list)
6405db
 int
6405db
 schedule_set(Schedule *sch, Slapi_Attr *attr)
6405db
 {
6405db
-	int return_value;
6405db
+	int return_value = -1;
6405db
 	schedule_item *si = NULL;
6405db
 	schedule_item *new_schedule_list = NULL;
6405db
 	int valid = 1;
6405db
 	
6405db
+	if (sch == NULL) {
6405db
+		return return_value;
6405db
+	}
6405db
+
6405db
 	if (NULL != attr)
6405db
 	{
6405db
 		int ind;
6405db
-- 
6405db
2.9.5
6405db