[Freeipa-devel] [PATCH 155] ipa-kdb: get_authz_data_types() make sure entry can be NULL
Tomas Babej
tbabej at redhat.com
Wed Jan 27 15:04:18 UTC 2016
On 01/06/2016 12:15 PM, Sumit Bose wrote:
> Hi,
>
> this patch fixes and issue found by Simo when he called
> get_authz_data_types() with the second argument being NULL.
> This function determines which type of authorization data should be
> added to the Kerberos ticket. There are global default and it is
> possible to configure this per service as well. The second argument is
> the data base entry of a service. If no service is given it makes sens
> to return the global defaults and most parts of get_authz_data_types()
> handle this case well and this patch fixes the remain issue and adds a
> test for this as well.
>
> Please note that currently get_authz_data_types() is used in a code path
> where the service entry is expected to be not NULL and it turned out
> that in Simo's case it will be non-NULL as well. Nevertheless the patch
> makes the code more robust and makes the future use of
> get_authz_data_types() more safe.
>
> bye,
> Sumit
>
>
>
ACK, thanks.
More information about the Freeipa-devel
mailing list