summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb
diff options
context:
space:
mode:
authorMatthias Dieter Wallnöfer <mdw@samba.org>2010-11-10 16:05:16 +0100
committerMatthias Dieter Wallnöfer <mdw@samba.org>2010-11-11 10:03:40 +0100
commitfeb00fe7cc238a78b3832c116cb4634936597735 (patch)
treefc4a62bfa07e55d15a7e18f9de960e31b47ed9a4 /source4/dsdb/samdb
parent4fe63d927e5e684d3e2bec9642a1e77b056ab2ed (diff)
downloadsamba-feb00fe7cc238a78b3832c116cb4634936597735.tar.gz
samba-feb00fe7cc238a78b3832c116cb4634936597735.tar.bz2
samba-feb00fe7cc238a78b3832c116cb4634936597735.zip
s4:dsdb - proof against empty RDN values where expected
This should prevent crashes as pointed out on the mailing list.
Diffstat (limited to 'source4/dsdb/samdb')
-rw-r--r--source4/dsdb/samdb/ldb_modules/objectclass.c4
-rw-r--r--source4/dsdb/samdb/ldb_modules/repl_meta_data.c8
-rw-r--r--source4/dsdb/samdb/ldb_modules/samldb.c13
3 files changed, 23 insertions, 2 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c
index 811bc96f02..2e95eb5e91 100644
--- a/source4/dsdb/samdb/ldb_modules/objectclass.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass.c
@@ -334,8 +334,10 @@ static int fix_dn(struct ldb_context *ldb,
return ldb_operr(ldb);
}
-
rdn_val = ldb_dn_get_rdn_val(newdn);
+ if (rdn_val == NULL) {
+ return ldb_operr(ldb);
+ }
#if 0
/* the rules for rDN length constraints are more complex than
diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
index 7838b65fdf..b2d5292a14 100644
--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
@@ -2561,6 +2561,10 @@ static int replmd_delete(struct ldb_module *module, struct ldb_request *req)
rdn_name = ldb_dn_get_rdn_name(old_dn);
rdn_value = ldb_dn_get_rdn_val(old_dn);
+ if ((rdn_name == NULL) || (rdn_value == NULL)) {
+ talloc_free(tmp_ctx);
+ return ldb_operr(ldb);
+ }
msg = ldb_msg_new(tmp_ctx);
if (msg == NULL) {
@@ -2753,6 +2757,10 @@ static int replmd_delete(struct ldb_module *module, struct ldb_request *req)
/* work out what the new rdn value is, for updating the
rDN and name fields */
new_rdn_value = ldb_dn_get_rdn_val(new_dn);
+ if (new_rdn_value == NULL) {
+ talloc_free(tmp_ctx);
+ return ldb_operr(ldb);
+ }
sa = dsdb_attribute_by_lDAPDisplayName(schema, rdn_name);
if (!sa) {
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index 04b8dff0e0..1ac86148e6 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -575,6 +575,9 @@ static int samldb_fill_object(struct samldb_ctx *ac)
}
rdn_value = ldb_dn_get_rdn_val(ac->msg->dn);
+ if (rdn_value == NULL) {
+ return ldb_operr(ldb);
+ }
if (!ldb_msg_find_element(ac->msg, "lDAPDisplayName")) {
/* the RDN has prefix "CN" */
ret = ldb_msg_add_string(ac->msg, "lDAPDisplayName",
@@ -638,6 +641,9 @@ static int samldb_fill_object(struct samldb_ctx *ac)
} else if (strcmp(ac->type, "attributeSchema") == 0) {
const struct ldb_val *rdn_value;
rdn_value = ldb_dn_get_rdn_val(ac->msg->dn);
+ if (rdn_value == NULL) {
+ return ldb_operr(ldb);
+ }
if (!ldb_msg_find_element(ac->msg, "lDAPDisplayName")) {
/* the RDN has prefix "CN" */
ret = ldb_msg_add_string(ac->msg, "lDAPDisplayName",
@@ -692,6 +698,7 @@ static int samldb_fill_object(struct samldb_ctx *ac)
static int samldb_fill_foreignSecurityPrincipal_object(struct samldb_ctx *ac)
{
struct ldb_context *ldb;
+ const struct ldb_val *rdn_value;
struct dom_sid *sid;
int ret;
@@ -699,8 +706,12 @@ static int samldb_fill_foreignSecurityPrincipal_object(struct samldb_ctx *ac)
sid = samdb_result_dom_sid(ac->msg, ac->msg, "objectSid");
if (sid == NULL) {
+ rdn_value = ldb_dn_get_rdn_val(ac->msg->dn);
+ if (rdn_value == NULL) {
+ return ldb_operr(ldb);
+ }
sid = dom_sid_parse_talloc(ac->msg,
- (const char *)ldb_dn_get_rdn_val(ac->msg->dn)->data);
+ (const char *)rdn_value->data);
if (sid == NULL) {
ldb_set_errstring(ldb,
"samldb: No valid SID found in ForeignSecurityPrincipal CN!");