diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2013-04-12 12:01:01 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-04-19 14:04:25 +0200 |
commit | d2e8ad3f8fcb3dcabb56ce9b5e7fada6800cfc77 (patch) | |
tree | 92b3b609fcedd6f086491e548da3f2412700f095 /src | |
parent | 8164714c5c1ca06ed0435db281e0dbe1db80850c (diff) | |
download | sssd-d2e8ad3f8fcb3dcabb56ce9b5e7fada6800cfc77.tar.gz sssd-d2e8ad3f8fcb3dcabb56ce9b5e7fada6800cfc77.tar.bz2 sssd-d2e8ad3f8fcb3dcabb56ce9b5e7fada6800cfc77.zip |
LDAP: do not invalidate pointer with realloc while processing ghost users
https://fedorahosted.org/sssd/ticket/1799
One peculiarity of the sysdb_attrs_get_el interface is that if the
attribute does not exist, then the attrs array is reallocated and the
element is created. But in case other pointers are already pointing
into the array, the realloc might invalidate them.
Such case was in the sdap_process_ghost_members function where if
the group had no members, the "gh" pointer requested earlier might have
been invalidated by the realloc in order to create the member element.
Diffstat (limited to 'src')
-rw-r--r-- | src/providers/ldap/sdap_async_groups.c | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c index 9d4a8487..bb88d6c4 100644 --- a/src/providers/ldap/sdap_async_groups.c +++ b/src/providers/ldap/sdap_async_groups.c @@ -323,10 +323,20 @@ sdap_process_ghost_members(struct sysdb_attrs *attrs, return ret; } - ret = sysdb_attrs_get_el(attrs, + ret = sysdb_attrs_get_el_ext(attrs, opts->group_map[SDAP_AT_GROUP_MEMBER].sys_name, - &memberel); - if (ret != EOK) { + false, &memberel); + if (ret == ENOENT) { + /* Create a dummy element with no values in order for the loop to just + * fall through and make sure the attrs array is not reallocated. + */ + memberel = talloc(attrs, struct ldb_message_element); + if (memberel == NULL) { + return ENOMEM; + } + memberel->num_values = 0; + memberel->values = NULL; + } else if (ret != EOK) { DEBUG(SSSDBG_MINOR_FAILURE, ("Error reading members: [%s]\n", strerror(ret))); return ret; |