Blame SOURCES/0062-Ticket-49370-Crash-when-using-a-global-and-local-pw.patch

96373c
From 3bdd7b5cccd2993c5ae5b9d893be15c71373aaf8 Mon Sep 17 00:00:00 2001
96373c
From: Mark Reynolds <mreynolds@redhat.com>
96373c
Date: Mon, 29 Jan 2018 11:53:33 -0500
96373c
Subject: [PATCH] Ticket 49370 - Crash when using a global and local pw 
96373c
 policies
96373c
96373c
Description:  This a regression from the previous patch.  We were
96373c
              accidently using a reference to the global pw policy
96373c
              password storage scheme, which was getting freed after
96373c
              pblock was done from an operation.  The next operation
96373c
              then used(and double freed) this memory on the next
96373c
              operation.
96373c
96373c
https://pagure.io/389-ds-base/issue/49370
96373c
96373c
Reviewed by: tbordaz (Thanks!)
96373c
96373c
(cherry picked from commit d86e0f9634e694feb378ee335d29b2e89fd27e2c)
96373c
---
96373c
 ldap/servers/slapd/pw.c | 32 +++++++++++++++++---------------
96373c
 1 file changed, 17 insertions(+), 15 deletions(-)
96373c
96373c
diff --git a/ldap/servers/slapd/pw.c b/ldap/servers/slapd/pw.c
96373c
index 3a545e12e..451be364d 100644
96373c
--- a/ldap/servers/slapd/pw.c
96373c
+++ b/ldap/servers/slapd/pw.c
96373c
@@ -209,7 +209,7 @@ pw_name2scheme(char *name)
96373c
     struct pw_scheme *pwsp;
96373c
     struct slapdplugin *p;
96373c
 
96373c
-    if ((p = plugin_get_pwd_storage_scheme(name, strlen(name), PLUGIN_LIST_PWD_STORAGE_SCHEME)) != NULL) {
96373c
+    if (name != NULL && (p = plugin_get_pwd_storage_scheme(name, strlen(name), PLUGIN_LIST_PWD_STORAGE_SCHEME)) != NULL) {
96373c
         pwsp = (struct pw_scheme *)slapi_ch_malloc(sizeof(struct pw_scheme));
96373c
         if (pwsp != NULL) {
96373c
             typedef int (*CMPFP)(char *, char *);
96373c
@@ -1612,18 +1612,18 @@ pw_get_admin_users(passwdPolicy *pwp)
96373c
 passwdPolicy *
96373c
 new_passwdPolicy(Slapi_PBlock *pb, const char *dn)
96373c
 {
96373c
+    slapdFrontendConfig_t *slapdFrontendConfig = NULL;
96373c
     Slapi_ValueSet *values = NULL;
96373c
+    Slapi_Value **sval = NULL;
96373c
     Slapi_Entry *e = NULL, *pw_entry = NULL;
96373c
-    int type_name_disposition = 0;
96373c
+    passwdPolicy *pwdpolicy = NULL;
96373c
+    Slapi_Attr *attr = NULL;
96373c
+    char *pwscheme_name = NULL;
96373c
+    char *attr_name = NULL;
96373c
     char *actual_type_name = NULL;
96373c
+    int type_name_disposition = 0;
96373c
     int attr_free_flags = 0;
96373c
     int rc = 0;
96373c
-    passwdPolicy *pwdpolicy = NULL;
96373c
-    struct pw_scheme *pwdscheme = NULL;
96373c
-    Slapi_Attr *attr;
96373c
-    char *attr_name;
96373c
-    Slapi_Value **sval;
96373c
-    slapdFrontendConfig_t *slapdFrontendConfig;
96373c
     int optype = -1;
96373c
 
96373c
     /* If we already allocated a pw policy, return it */
96373c
@@ -1717,9 +1717,7 @@ new_passwdPolicy(Slapi_PBlock *pb, const char *dn)
96373c
                     pw_entry = get_entry(pb, bvp->bv_val);
96373c
                 }
96373c
             }
96373c
-
96373c
             slapi_vattr_values_free(&values, &actual_type_name, attr_free_flags);
96373c
-
96373c
             slapi_entry_free(e);
96373c
 
96373c
             if (pw_entry == NULL) {
96373c
@@ -1732,7 +1730,11 @@ new_passwdPolicy(Slapi_PBlock *pb, const char *dn)
96373c
 
96373c
             /* Set the default values (from libglobs.c) */
96373c
             pwpolicy_init_defaults(pwdpolicy);
96373c
-            pwdpolicy->pw_storagescheme = slapdFrontendConfig->pw_storagescheme;
96373c
+
96373c
+            /* Set the current storage scheme */
96373c
+            pwscheme_name = config_get_pw_storagescheme();
96373c
+            pwdpolicy->pw_storagescheme = pw_name2scheme(pwscheme_name);
96373c
+            slapi_ch_free_string(&pwscheme_name);
96373c
 
96373c
             /* Set the defined values now */
96373c
             for (slapi_entry_first_attr(pw_entry, &attr); attr;
96373c
@@ -1865,6 +1867,7 @@ new_passwdPolicy(Slapi_PBlock *pb, const char *dn)
96373c
                     }
96373c
                 } else if (!strcasecmp(attr_name, "passwordstoragescheme")) {
96373c
                     if ((sval = attr_get_present_values(attr))) {
96373c
+                        free_pw_scheme(pwdpolicy->pw_storagescheme);
96373c
                         pwdpolicy->pw_storagescheme =
96373c
                             pw_name2scheme((char *)slapi_value_get_string(*sval));
96373c
                     }
96373c
@@ -1924,10 +1927,9 @@ done:
96373c
      * structure from slapdFrontendconfig
96373c
      */
96373c
     *pwdpolicy = slapdFrontendConfig->pw_policy;
96373c
-    pwdscheme = (struct pw_scheme *)slapi_ch_calloc(1, sizeof(struct pw_scheme));
96373c
-    *pwdscheme = *slapdFrontendConfig->pw_storagescheme;
96373c
-    pwdscheme->pws_name = strdup(slapdFrontendConfig->pw_storagescheme->pws_name);
96373c
-    pwdpolicy->pw_storagescheme = pwdscheme;
96373c
+    pwscheme_name = config_get_pw_storagescheme();
96373c
+    pwdpolicy->pw_storagescheme = pw_name2scheme(pwscheme_name);
96373c
+    slapi_ch_free_string(&pwscheme_name);
96373c
     pwdpolicy->pw_admin = slapi_sdn_dup(slapdFrontendConfig->pw_policy.pw_admin);
96373c
     pw_get_admin_users(pwdpolicy);
96373c
     if (pb) {
96373c
-- 
96373c
2.13.6
96373c