From 79ffa81a6fe6d310f26979d61dbf79364ee9a668 Mon Sep 17 00:00:00 2001 From: Noriko Hosoi Date: Fri, 9 Jan 2015 14:22:50 -0800 Subject: [PATCH 299/305] Ticket #47905 - Bad manipulation of passwordhistory Description: The patch was provided by German Parente (gparente@redhat.com) https://fedorahosted.org/389/ticket/47905#comment:6 If a value of password policy attribute (e.g., passwordhistory) is accidentally deleted, it causes a null reference in pw_val2scheme. This patch checks whether val is NULL or not. If the given val is NULL, pw_val2scheme returns NULL. https://fedorahosted.org/389/ticket/47905 Reviewed by nhosoi@redhat.com. (cherry picked from commit 2c6e74adbea3c4799f30b0e3d679da9dd060ff58) (cherry picked from commit baa26c96e873916d4c02651b04de7ca2a578863d) (cherry picked from commit a9dee00b79016a51ebfed01c92267b751c5986de) (cherry picked from commit bf274554956196b4fc3f80f60c1b61de28a1b9d2) (cherry picked from commit 6b85c3a655896363826fe5aacee9e7493fcb9ca9) --- ldap/servers/slapd/pw.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/ldap/servers/slapd/pw.c b/ldap/servers/slapd/pw.c index 0349c5a..73fcfa9 100644 --- a/ldap/servers/slapd/pw.c +++ b/ldap/servers/slapd/pw.c @@ -145,7 +145,7 @@ slapi_pw_find_sv( LDAPDebug( LDAP_DEBUG_TRACE, "=> slapi_pw_find value: \"%s\"\n", slapi_value_get_string(v), 0, 0 ); /* JCM Innards */ - for ( i = 0; vals[i] != NULL; i++ ) + for ( i = 0; vals && vals[i]; i++ ) { pwsp = pw_val2scheme( (char*)slapi_value_get_string(vals[i]), &valpwd, 1 ); /* JCM Innards*/ if ( pwsp != NULL && @@ -287,9 +287,12 @@ struct pw_scheme * pw_val2scheme( char *val, char **valpwdp, int first_is_default ) { struct pw_scheme *pwsp; - int namelen, prefixlen; + int namelen, prefixlen; char *end, buf[ PWD_MAX_NAME_LEN + 1 ]; + if (NULL == val) { + return( NULL ); + } if ( *val != PWD_HASH_PREFIX_START || ( end = strchr( val, PWD_HASH_PREFIX_END )) == NULL || ( namelen = end - val - 1 ) > PWD_MAX_NAME_LEN ) { -- 1.9.3