8920 – Avoid null dereference in initialize_password_db()

Bug 8920 - Avoid null dereference in initialize_password_db()

Summary: Avoid null dereference in initialize_password_db()

Status:	RESOLVED FIXED

Alias:	None

Product:	Samba 3.6
Classification:	Unclassified
Component:	User & Group Accounts (show other bugs)
Version:	3.6.5
Hardware:	All All

Importance:	P5 normal
Target Milestone:	---
Assignee:	Karolin Seeger
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2012-05-08 20:09 UTC by Debian samba package maintainers (PUBLIC MAILING LIST)
Modified:	2023-07-07 01:44 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
Patch used in Debian and Ubuntu (1.03 KB, patch) 2012-05-08 20:09 UTC, Debian samba package maintainers (PUBLIC MAILING LIST)	no flags	Details
fix (1.40 KB, patch) 2012-05-09 12:27 UTC, Volker Lendecke	obnox: review+	Details
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Debian samba package maintainers (PUBLIC MAILING LIST) 2012-05-08 20:09:17 UTC

When initialize_password_db() is called with reload=True, it's assumed that
 the free_private_data member of pdb_methods is non-null.  This is not
 necessarily the case, as the tdb backend has no private data and therefore
 no free function.  Check to see if we have private data that needs freed
 before calling.

(this text originally written by Steve Langasek)

Comment 1 Debian samba package maintainers (PUBLIC MAILING LIST) 2012-05-08 20:09:54 UTC

Created attachment 7533 [details]
Patch used in Debian and Ubuntu

Comment 2 Volker Lendecke 2012-05-09 05:57:40 UTC

I would use a different patch. In the if clause I would check for free_private_data instead of private_data because that is what we dereference. Would that work for you as well?

Comment 3 Steve Langasek 2012-05-09 07:36:12 UTC

The two checks seem to be equivalent, yes.  It fits my mental model better to think about whether there's any data to be freed, rather than whether there's a method to do the freeing, but I think both ways will fix the bug. :)

Comment 4 Volker Lendecke 2012-05-09 12:27:12 UTC

Created attachment 7539 [details]
fix

that's what I am about to push to master, ok?

Comment 5 Debian samba package maintainers (PUBLIC MAILING LIST) 2012-05-09 12:46:04 UTC

Seems OK for me and I guess STeve will be OK too.

Could that be a candidate for 3.6.6 and therefore save us one patch in debian/patches?

Comment 6 Michael Adam 2012-05-09 12:53:24 UTC

Comment on attachment 7539 [details]
fix

ACK

Comment 7 Volker Lendecke 2012-05-09 12:54:20 UTC

Done.

Comment 8 Karolin Seeger 2012-05-10 09:01:40 UTC

Pushed patch to v3-6-test.
Will be included in the next bugfix release.
Closing out bug report.

Thanks!