From baa26c96e873916d4c02651b04de7ca2a578863d Mon Sep 17 00:00:00 2001
From: Noriko Hosoi <nhosoi@redhat.com>
Date: Jan 09 2015 22:35:14 +0000
Subject: Ticket #47905 - Bad manipulation of passwordhistory


Description: The patch was provided by German Parente (gparente@redhat.com)
https://fedorahosted.org/389/ticket/47905#comment:6

If a value of password policy attribute (e.g., passwordhistory) is
accidentally deleted, it causes a null reference in pw_val2scheme.
This patch checks whether val is NULL or not.  If the given val is
NULL, pw_val2scheme returns NULL.

https://fedorahosted.org/389/ticket/47905

Reviewed by nhosoi@redhat.com.

(cherry picked from commit 2c6e74adbea3c4799f30b0e3d679da9dd060ff58)

---

diff --git a/ldap/servers/slapd/pw.c b/ldap/servers/slapd/pw.c
index 3cb40fc..082f69a 100644
--- a/ldap/servers/slapd/pw.c
+++ b/ldap/servers/slapd/pw.c
@@ -146,7 +146,7 @@ slapi_pw_find_sv(
 
 	LDAPDebug( LDAP_DEBUG_TRACE, "=> slapi_pw_find value: \"%s\"\n", slapi_value_get_string(v), 0, 0 ); /* JCM Innards */
 
-    for ( i = 0; vals[i] != NULL; i++ )
+    for ( i = 0; vals && vals[i]; i++ )
     {
 		pwsp = pw_val2scheme( (char*)slapi_value_get_string(vals[i]), &valpwd, 1 ); /* JCM Innards*/
 		if ( pwsp != NULL && 
@@ -287,9 +287,12 @@ struct pw_scheme *
 pw_val2scheme( char *val, char **valpwdp, int first_is_default )
 {
 	struct pw_scheme	*pwsp;
-    int     		namelen, prefixlen;
+	int 			namelen, prefixlen;
 	char			*end, buf[ PWD_MAX_NAME_LEN + 1 ];
 
+	if (NULL == val) {
+		return( NULL );
+	}
 	if ( *val != PWD_HASH_PREFIX_START ||
 	    ( end = strchr( val, PWD_HASH_PREFIX_END )) == NULL ||
 	    ( namelen = end - val - 1 ) > PWD_MAX_NAME_LEN ) {