From ac2314457fb35cffca9c552bcb3866f564b9c9ec Mon Sep 17 00:00:00 2001
From: Andrej Gessel
Date: Fri, 15 Jun 2018 11:02:15 +0200
Subject: [PATCH 1/2] ldb: check return values
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13477
Signed-off-by: Andrej Gessel
---
 lib/ldb/ldb_tdb/ldb_index.c | 7 +++++++
 lib/ldb/ldb_tdb/ldb_search.c | 5 ++++-
 2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/lib/ldb/ldb_tdb/ldb_index.c b/lib/ldb/ldb_tdb/ldb_index.c
index 04ffbad..13f61ac 100644
--- a/lib/ldb/ldb_tdb/ldb_index.c
+++ b/lib/ldb/ldb_tdb/ldb_index.c
@@ -446,6 +446,10 @@ normal_index:
 list->count = el->values[0].length / LTDB_GUID_SIZE;
 list->dn = talloc_array(list, struct ldb_val, list->count);
+ if (list->dn == NULL) {
+ talloc_free(msg);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
 /*
 * The actual data is on msg, due to
@@ -710,6 +714,9 @@ static int ltdb_dn_list_store(struct ldb_module *module, struct ldb_dn *dn,
 }
 key.dptr = discard_const_p(unsigned char, ldb_dn_get_linearized(dn));
+ if (key.dptr == NULL) {
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
 key.dsize = strlen((char *)key.dptr);
 rec = tdb_fetch(ltdb->idxptr->itdb, key);
diff --git a/lib/ldb/ldb_tdb/ldb_search.c b/lib/ldb/ldb_tdb/ldb_search.c
index cfc3714..14e5040 100644
--- a/lib/ldb/ldb_tdb/ldb_search.c
+++ b/lib/ldb/ldb_tdb/ldb_search.c
@@ -102,8 +102,11 @@ static int msg_add_distinguished_name(struct ldb_message *msg)
 el.values = &val;
 el.flags = 0;
 val.data = (uint8_t *)ldb_dn_alloc_linearized(msg, msg->dn);
+ if (val.data == NULL) {
+ return -1;
+ }
 val.length = strlen((char *)val.data);
-
+
 ret = msg_add_element(msg, &el, 1);
 return ret;
 }
--
2.7.4
From 9b757c4cf560e61b8bc6cdb87d53c6729a472c04 Mon Sep 17 00:00:00 2001
From: Andrej Gessel
Date: Tue, 19 Jun 2018 10:07:51 +0200
Subject: [PATCH 2/2] check return value before using key_values
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13477
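Review bot: The new `list->dn == NULL` branch after `talloc_array()` returns a bare `LDB_ERR_OPERATIONS_ERROR`, so an allocation failure here cannot be told apart from any other index-load error. The second patch in this series reports the same class of failure with `ldb_module_oom(ac->module)`. If a module pointer is in scope in this function (its signature is outside the hunk), `return ldb_module_oom(module);` after the `talloc_free(msg);` would be consistent with that. The `key.dptr == NULL` return in ltdb_dn_list_store has the same shape, and there `module` is a visible parameter; at minimum a one-line comment saying when `ldb_dn_get_linearized()` yields NULL would help the next reader.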
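Review bot: The added `return -1;` in msg_add_distinguished_name uses a raw -1 where the other checks in this patch return `LDB_ERR_OPERATIONS_ERROR`, which leaves two error conventions in one commit. If msg_add_element (not shown) also reports failure as -1, this is consistent, and a short comment such as `/* -1 matches msg_add_element()'s failure value */` would make that explicit. If callers compare the result against LDB_ERR_* codes instead, an LDB_ERR_* value is the safer return. The `-`/`+` pair after `val.length = ...` only changes whitespace and could be left out of a fix-only patch.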
Signed-off-by: Andrej Gessel
---
 lib/ldb/ldb_tdb/ldb_index.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/ldb/ldb_tdb/ldb_index.c b/lib/ldb/ldb_tdb/ldb_index.c
index 13f61ac..604a1f6 100644
--- a/lib/ldb/ldb_tdb/ldb_index.c
+++ b/lib/ldb/ldb_tdb/ldb_index.c
@@ -1760,13 +1760,13 @@ static int ltdb_index_filter(struct ltdb_private *ltdb,
 struct guid_tdb_key, dn_list->count);
+ if (key_values == NULL) {
+ return ldb_module_oom(ac->module);
+ }
 for (i = 0; i < dn_list->count; i++) {
 keys[i].dptr = key_values[i].guid_key;
 keys[i].dsize = sizeof(key_values[i].guid_key);
 }
- if (key_values == NULL) {
- return ldb_module_oom(ac->module);
- }
 } else {
 for (i = 0; i < dn_list->count; i++) {
 keys[i].dptr = NULL;
--
2.7.4
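Review bot: The relocated `return ldb_module_oom(ac->module);` exits ltdb_index_filter while the `keys` array that the following loop fills is still allocated. The allocation of `keys` is outside the hunk, so whether it hangs off a short-lived context cannot be confirmed from here. If it is parented to a request-lifetime context, add `talloc_free(keys);` before the return so a failed filter does not hold the array until that context is torn down. The function body starts and ends outside the hunk.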