[Freeipa-devel] [freeipa PR#3702][opened] [KDB] Fix segfault in ipadb_parse_ldap_entry()

Fri, 20 Sep 2019 10:37:37 -0700 

   URL: https://github.com/freeipa/freeipa/pull/3702
Author: frozencemetery
 Title: #3702: [KDB] Fix segfault in ipadb_parse_ldap_entry()
Action: opened

PR body:
"""
lcontext may be NULL here, probably due to a restarted 389ds.  Based on
a patch by Rob Crittenden.

Signed-off-by: Robbie Harwood <rharw...@redhat.com>
"""

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/3702/head:pr3702
git checkout pr3702

From 13b66798137d2dc070928a3db13c2cbfc6a6cf6c Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharw...@redhat.com>
Date: Thu, 5 Sep 2019 13:00:27 -0400
Subject: [PATCH] [KDB] Fix segfault in ipadb_parse_ldap_entry()

lcontext may be NULL here, probably due to a restarted 389ds.  Based on
a patch by Rob Crittenden.

Signed-off-by: Robbie Harwood <rharw...@redhat.com>
---
 daemons/ipa-kdb/ipa_kdb_principals.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/daemons/ipa-kdb/ipa_kdb_principals.c b/daemons/ipa-kdb/ipa_kdb_principals.c
index 731348e01f..74406200b3 100644
--- a/daemons/ipa-kdb/ipa_kdb_principals.c
+++ b/daemons/ipa-kdb/ipa_kdb_principals.c
@@ -21,6 +21,7 @@
  */
 
 #include "ipa_kdb.h"
+#include "ipa_krb5.h"
 #include <unicase.h>
 
 /*
@@ -554,6 +555,17 @@ static krb5_error_code ipadb_parse_ldap_entry(krb5_context kcontext,
         return KRB5_KDB_DBNOTINITED;
     }
     lcontext = ipactx->lcontext;
+    if (!lcontext) {
+        krb5_klog_syslog(LOG_INFO,
+                         "No LDAP connection in ipadb_parse_ldap_entry(); retrying...\n");
+        ret = ipadb_get_connection(ipactx);
+        if (ret != 0) {
+            krb5_klog_syslog(LOG_ERR,
+                             "No LDAP connection on retry in ipadb_parse_ldap_entry()!\n");
+            kerr = KRB5_KDB_INTERNAL_ERROR;
+            goto done;
+        }
+    }
 
     entry->magic = KRB5_KDB_MAGIC_NUMBER;
     entry->len = KRB5_KDB_V1_BASE_LENGTH;

_______________________________________________
FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/freeipa-devel@lists.fedorahosted.org

Reply via email to