The Samba-Bugzilla – Attachment 3591 Details for
Bug 5766
winbind dumps core
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Don't dereference NULL ADS pointers
0001-idmap_ad-Fix-a-segfault-when-calling-nss_get_info.patch (text/plain), 3.51 KB, created by
Gerald (Jerry) Carter (dead mail address)
on 2008-09-16 12:15:18 UTC
(
hide
)
Description:
Don't dereference NULL ADS pointers
Filename:
MIME Type:
Creator:
Gerald (Jerry) Carter (dead mail address)
Created:
2008-09-16 12:15:18 UTC
Size:
3.51 KB
patch
obsolete
>From 62791bbd030f7db272ca68260a4f7586de6576d0 Mon Sep 17 00:00:00 2001 >From: Gerald W. Carter <jerry@samba.org> >Date: Mon, 15 Sep 2008 12:38:36 -0500 >Subject: [PATCH] idmap_ad: Fix a segfault when calling nss_get_info() with a NULL ads structure. > >--- > source/winbindd/idmap_ad.c | 81 ++++++++++++++++++++++++++++++++++++------ > 1 files changed, 69 insertions(+), 12 deletions(-) > >diff --git a/source/winbindd/idmap_ad.c b/source/winbindd/idmap_ad.c >index 9fefb1b..d7c8749 100644 >--- a/source/winbindd/idmap_ad.c >+++ b/source/winbindd/idmap_ad.c >@@ -732,6 +732,16 @@ static NTSTATUS nss_ad_get_info( struct nss_domain_entry *e, > uint32 *gid ) > { > ADS_STRUCT *ads_internal = NULL; >+ const char *attrs[] = {NULL, /* attr_homedir */ >+ NULL, /* attr_shell */ >+ NULL, /* attr_gecos */ >+ NULL, /* attr_gidnumber */ >+ NULL }; >+ char *filter = NULL; >+ LDAPMessage *msg_internal = NULL; >+ ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL); >+ NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; >+ char *sidstr = NULL; > > /* Only do query if we are online */ > if (idmap_is_offline()) { >@@ -743,22 +753,69 @@ static NTSTATUS nss_ad_get_info( struct nss_domain_entry *e, > > ads_internal = ad_idmap_cached_connection(); > >- if ( !ads_internal || !ad_schema ) >+ if ( !ads_internal || !ad_schema ) { > return NT_STATUS_OBJECT_NAME_NOT_FOUND; >- >- if ( !homedir || !shell || !gecos ) >+ } >+ >+ if (!sid || !homedir || !shell || !gecos) { > return NT_STATUS_INVALID_PARAMETER; >+ } >+ >+ /* See if we can use the ADS connection struct swe were given */ > >- *homedir = ads_pull_string( ads, ctx, msg, ad_schema->posix_homedir_attr ); >- *shell = ads_pull_string( ads, ctx, msg, ad_schema->posix_shell_attr ); >- *gecos = ads_pull_string( ads, ctx, msg, ad_schema->posix_gecos_attr ); >- >- if ( gid ) { >- if ( !ads_pull_uint32(ads, msg, ad_schema->posix_gidnumber_attr, gid ) ) >- *gid = (uint32)-1; >+ if (ads) { >+ *homedir = ads_pull_string( ads, ctx, msg, ad_schema->posix_homedir_attr ); >+ *shell = ads_pull_string( ads, ctx, msg, ad_schema->posix_shell_attr ); >+ *gecos = ads_pull_string( ads, ctx, msg, ad_schema->posix_gecos_attr ); >+ >+ if (gid) { >+ if ( !ads_pull_uint32(ads, msg, ad_schema->posix_gidnumber_attr, gid ) ) >+ *gid = (uint32)-1; >+ } >+ >+ nt_status = NT_STATUS_OK; >+ goto done; > } >- >- return NT_STATUS_OK; >+ >+ /* Have to do our own query */ >+ >+ attrs[0] = ad_schema->posix_homedir_attr; >+ attrs[1] = ad_schema->posix_shell_attr; >+ attrs[2] = ad_schema->posix_gecos_attr; >+ attrs[3] = ad_schema->posix_gidnumber_attr; >+ >+ sidstr = sid_binstring(sid); >+ filter = talloc_asprintf(ctx, "(objectSid=%s)", sidstr); >+ SAFE_FREE(sidstr); >+ >+ if (!filter) { >+ nt_status = NT_STATUS_NO_MEMORY; >+ goto done; >+ } >+ >+ ads_status = ads_search_retry(ads_internal, &msg_internal, filter, attrs); >+ if (!ADS_ERR_OK(ads_status)) { >+ nt_status = ads_ntstatus(ads_status); >+ goto done; >+ } >+ >+ *homedir = ads_pull_string(ads_internal, ctx, msg_internal, ad_schema->posix_homedir_attr); >+ *shell = ads_pull_string(ads_internal, ctx, msg_internal, ad_schema->posix_shell_attr); >+ *gecos = ads_pull_string(ads_internal, ctx, msg_internal, ad_schema->posix_gecos_attr); >+ >+ if (gid) { >+ if (!ads_pull_uint32(ads_internal, msg_internal, ad_schema->posix_gidnumber_attr, gid)) >+ *gid = (uint32)-1; >+ } >+ >+ nt_status = NT_STATUS_OK; >+ >+done: >+ if (msg_internal) { >+ ads_msgfree(ads_internal, msg_internal); >+ } >+ >+ return nt_status; > } > > /************************************************************************ >-- >1.5.4.3 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=3591">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 5766
:
3581
|
3582
| 3591