[Freeipa-devel] FYI pushed patch was:[Fwd: server/responder]
Simo Sorce
ssorce at redhat.com
Mon Apr 13 14:21:50 UTC 2009
I pushed this patch to be able to release 0.3.0 today.
It's tested and fixes clear segfaults.
Simo.
-------- Forwarded Message --------
From: Simo Sorce <simo at fedoraproject.org>
To: gitsssd-members at fedoraproject.org
Subject: server/responder
Date: Mon, 13 Apr 2009 14:18:58 +0000 (UTC)
server/responder/nss/nsssrv_cmd.c | 29 ++++++++++++++++++++---------
1 file changed, 20 insertions(+), 9 deletions(-)
New commits:
commit d497830d687951be2d49df1a9fa3cce57268670f
Author: Simo Sorce <ssorce at redhat.com>
Date: Mon Apr 13 10:15:50 2009 -0400
Fix segfaults when passing an unknown domain
Also setting dctx->domain to NULL is a recipe for segfaults :-)
Assign dctx->domain only when dom actually holds a domain pointer.
diff --git a/server/responder/nss/nsssrv_cmd.c b/server/responder/nss/nsssrv_cmd.c
index 3531421..f5555ed 100644
--- a/server/responder/nss/nsssrv_cmd.c
+++ b/server/responder/nss/nsssrv_cmd.c
@@ -88,6 +88,8 @@ static struct sss_domain_info *nss_get_dom(struct sss_domain_info *doms,
for (dom = doms; dom; dom = dom->next) {
if (strcasecmp(dom->name, domain) == 0) break;
}
+ if (!dom) DEBUG(2, ("Unknown domain [%s]!\n", domain));
+
return dom;
}
@@ -340,8 +342,6 @@ static void nss_cmd_getpwnam_callback(void *ptr, int status,
/* reset neghit if we still have a domain to check */
if (dom) neghit = false;
- dctx->domain = dom;
-
if (neghit) {
DEBUG(2, ("User [%s] does not exist! (negative cache)\n",
cmdctx->name));
@@ -354,6 +354,7 @@ static void nss_cmd_getpwnam_callback(void *ptr, int status,
}
if (ret == EOK) {
+ dctx->domain = dom;
dctx->check_provider = (dctx->domain->provider != NULL);
if (dctx->res) talloc_free(res);
dctx->res = NULL;
@@ -519,6 +520,10 @@ static int nss_cmd_getpwnam(struct cli_ctx *cctx)
if (domname) {
dctx->domain = nss_get_dom(cctx->rctx->domains, domname);
+ if (!dctx->domain) {
+ ret = ENOENT;
+ goto done;
+ }
/* verify this user has not yet been negatively cached,
* or has been permanently filtered */
@@ -1713,9 +1718,7 @@ static void nss_cmd_getgrnam_callback(void *ptr, int status,
/* reset neghit if we still have a domain to check */
if (dom) neghit = false;
- dctx->domain = dom;
-
- if (neghit) {
+ if (neghit) {
DEBUG(2, ("Group [%s] does not exist! (negative cache)\n",
cmdctx->name));
ret = ENOENT;
@@ -1727,6 +1730,7 @@ static void nss_cmd_getgrnam_callback(void *ptr, int status,
}
if (ret == EOK) {
+ dctx->domain = dom;
dctx->check_provider = (dctx->domain->provider != NULL);
if (dctx->res) talloc_free(res);
dctx->res = NULL;
@@ -1887,6 +1891,10 @@ static int nss_cmd_getgrnam(struct cli_ctx *cctx)
if (domname) {
dctx->domain = nss_get_dom(cctx->rctx->domains, domname);
+ if (!dctx->domain) {
+ ret = ENOENT;
+ goto done;
+ }
/* verify this user has not yet been negatively cached,
* or has been permanently filtered */
@@ -2880,20 +2888,19 @@ static void nss_cmd_getinit_callback(void *ptr, int status,
/* reset neghit if we still have a domain to check */
if (dom) neghit = false;
- dctx->domain = dom;
-
- if (neghit) {
+ if (neghit) {
DEBUG(2, ("User [%s] does not exist! (negative cache)\n",
cmdctx->name));
ret = ENOENT;
}
- if (dctx->domain == NULL) {
+ if (dom == NULL) {
DEBUG(2, ("No matching domain found for [%s], fail!\n",
cmdctx->name));
ret = ENOENT;
}
if (ret == EOK) {
+ dctx->domain = dom;
dctx->check_provider = (dctx->domain->provider != NULL);
if (dctx->res) talloc_free(res);
dctx->res = NULL;
@@ -3020,6 +3027,10 @@ static int nss_cmd_initgroups(struct cli_ctx *cctx)
if (domname) {
dctx->domain = nss_get_dom(cctx->rctx->domains, domname);
+ if (!dctx->domain) {
+ ret = ENOENT;
+ goto done;
+ }
/* verify this user has not yet been negatively cached,
* or has been permanently filtered */
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list