From ac8ceb91e42c31672147018d9d654879970dd38d Mon Sep 17 00:00:00 2001 From: Mark Reynolds Date: Mar 27 2013 16:27:45 +0000 Subject: Ticket 628 - crash in aci evaluation Bug Description: When trying to get effective rights on a entry that does not exist, can lead to a crash from dereferencing a NULL pointer. Fix Description: Check for NULL entry pointers and return the appropriate error. https://fedorahosted.org/389/ticket/628 Reviewed by: nhosoi(Thanks Noriko!) --- diff --git a/ldap/servers/slapd/entry.c b/ldap/servers/slapd/entry.c index 17af1bf..d7dbf61 100644 --- a/ldap/servers/slapd/entry.c +++ b/ldap/servers/slapd/entry.c @@ -2363,7 +2363,11 @@ slapi_entry_next_attr( const Slapi_Entry *e, Slapi_Attr *prevattr, Slapi_Attr ** int slapi_entry_attr_find( const Slapi_Entry *e, const char *type, Slapi_Attr **a ) { - int r= -1; + int r = -1; + + if(e == NULL){ + return r; + } *a = attrlist_find( e->e_attrs, type ); if (*a != NULL) { @@ -2374,11 +2378,11 @@ slapi_entry_attr_find( const Slapi_Entry *e, const char *type, Slapi_Attr **a ) * Our state information storage scheme can cause this, since * we have to hang onto the deleted value state information. */ - *a= NULL; + *a = NULL; } else { - r= 0; + r = 0; } } return r; @@ -3026,18 +3030,20 @@ slapi_entry_attr_has_syntax_value(const Slapi_Entry *e, const char *type, const Slapi_Value *value) { - int r= 0; - Slapi_Attr *attr; + int r = 0; + Slapi_Attr *attr; + if(e == NULL){ + return r; + } if(slapi_entry_attr_find(e, type, &attr)==0) { - const struct berval *bv = slapi_value_get_berval(value); + const struct berval *bv = slapi_value_get_berval(value); - if ( bv != NULL) { - r = (slapi_attr_value_find(attr, bv) == 0); - } - - } + if ( bv != NULL) { + r = (slapi_attr_value_find(attr, bv) == 0); + } + } return r; }