Página Principal Explorar Ajuda
Registe-se Iniciar Sessão
Apq
/
389-ds-base
mirror de https://github.com/389ds/389-ds-base.git
1
0
Fork 0
Ficheiros Problemas 0 Wiki
Ver Fonte

Bug 750625 - Fix Coverity (11054) Dereference after null check

https://bugzilla.redhat.com/show_bug.cgi?id=750625

slapd/pw.c (new_passwdPolicy)

Bug Description: Passing null variable "pb" to function "get_entry",
which dereferences it.

Fix Description: if NULL pblock is passed, new_passworPolicy does not
go forward, but returns immediately.
Noriko Hosoi há 14 anos atrás
pai
0ae39ce5b3
commit
003812911f
1 ficheiros alterados com 16 adições e 11 exclusões
Visão Dividida Mostrar Estatísticas Diff
  1. 16 11
      ldap/servers/slapd/pw.c

+ 16 - 11
ldap/servers/slapd/pw.c
Ver Ficheiro 

@@ -343,20 +343,21 @@ pw_encodevals_ext( Slapi_PBlock *pb, const Slapi_DN *sdn, Slapi_Value **vals )
 
 	passwdPolicy *pwpolicy=NULL;
 
 	char *(*pws_enc) ( char *pwd ) = NULL;
 
 
-	if ( vals == NULL ) {
 
+	if ( (NULL == pb) || (NULL == vals) ) {
 
 		return( 0 );
 
 	}
 
  
 	/* new_passwdPolicy gives us a local policy if sdn and pb are set and
 
 	   can be used to find a local policy, else we get the global policy */
 
-	pwpolicy = new_passwdPolicy(pb, sdn ? (char*)slapi_sdn_get_ndn(sdn) : NULL );
 
+	pwpolicy = new_passwdPolicy(pb, sdn ? (char*)slapi_sdn_get_ndn(sdn) : NULL);
 
+	if (pwpolicy) {
 
+		if (pwpolicy->pw_storagescheme) {
 
+			pws_enc = pwpolicy->pw_storagescheme->pws_enc;
 
+		}
 
 
-	if (pwpolicy->pw_storagescheme) {
 
-		pws_enc = pwpolicy->pw_storagescheme->pws_enc;
 
+		delete_passwdPolicy(&pwpolicy);
 
 	}
 
 
-	delete_passwdPolicy(&pwpolicy);
 
-
 
 	/* Password scheme encryption function was not found */
 
 	if ( pws_enc == NULL ) {
 
 		return( 0 );
 
@@ -1527,19 +1528,23 @@ new_passwdPolicy(Slapi_PBlock *pb, const char *dn)
 
 	char ebuf[ BUFSIZ ];
 
 	int optype = -1;
 
 
+	/* RFE - is there a way to make this work for non-existent entries 
+	 * when we don't pass in pb?  We'll need to do this if we add support 
+	 * for password policy plug-ins. */
 
+	if (NULL == pb) {
 
+		LDAPDebug0Args(LDAP_DEBUG_ANY, 
+		               "new_passwdPolicy: NULL pblock was passed.\n");
 
+		return NULL;
 
+	}
 
 	slapdFrontendConfig = getFrontendConfig();
 
 	pwdpolicy = (passwdPolicy *)slapi_ch_calloc(1, sizeof(passwdPolicy));
 
 
-	if (pb) {
 
-		slapi_pblock_get( pb, SLAPI_OPERATION_TYPE, &optype );
 
-	}
 
+	slapi_pblock_get( pb, SLAPI_OPERATION_TYPE, &optype );
 
 
 	if (dn && (slapdFrontendConfig->pwpolicy_local == 1)) {
 
 		/*  If we're doing an add, COS does not apply yet so we check
 
 			parents for the pwdpolicysubentry.  We look only for virtual
 
 			attributes, because real ones are for single-target policy. */
 
-		/* NGK - is there a way to make this work for non-existent entries when we don't pass in pb?  We'll
 
-		 * need to do this if we add support for password policy plug-ins. */
 
 		if (optype == SLAPI_OPERATION_ADD) {
 
 			char *parentdn = slapi_ch_strdup(dn);
 
 			char *nextdn = NULL;