Learn more about these different git repos.
Other Git URLs
At conditional (1): "dom" taking the false branch. Comparing "dom" to null implies that "dom" might be null. 773 while (dom) { 774 /* if it is a domainless search, skip domains that require fully 775 * qualified names instead */ 776 while (dom && !preq->pd->domain && dom->fqnames) { 777 dom = dom->next; 778 } 779 780 if (!dom) break; 781 782 if (dom != preq->domain) { 783 /* make sure we reset the check_provider flag when we check 784 * a new domain */ 785 preq->check_provider = NEED_CHECK_PROVIDER(dom->provider); 786 } 787 788 /* make sure to update the preq if we changed domain */ 789 preq->domain = dom; 790 791 /* TODO: check negative cache ? */ 792 793 /* Always try to refresh the cache first on authentication */ 794 if (preq->check_provider && 795 (preq->pd->cmd == SSS_PAM_AUTHENTICATE || 796 preq->pd->cmd == SSS_PAM_SETCRED)) { 797 798 /* call provider first */ 799 break; 800 } 801 802 DEBUG(4, ("Requesting info for [%s@%s]\n", name, dom->name)); 803 804 ret = sysdb_get_ctx_from_list(cctx->rctx->db_list, dom, &sysdb); 805 if (ret != EOK) { 806 DEBUG(0, ("Fatal: Sysdb CTX not found for this domain!\n")); 807 preq->pd->pam_status = PAM_SYSTEM_ERR; 808 return EFAULT; 809 } 810 ret = sysdb_getpwnam(preq, sysdb, dom, name, &preq->res); 811 if (ret != EOK) { 812 DEBUG(1, ("Failed to make request to our cache!\n")); 813 return EIO; 814 } 815 816 if (preq->res->count > 1) { 817 DEBUG(0, ("getpwnam call returned more than one result !?!\n")); 818 return ENOENT; 819 } 820 821 if (preq->res->count == 0) { 822 /* if a multidomain search, try with next */ 823 if (!preq->pd->domain) { 824 dom = dom->next; 825 continue; 826 } 827 828 DEBUG(2, ("No results for getpwnam call\n")); 829 830 /* TODO: store negative cache ? */ 831 832 return ENOENT; 833 } 834 835 /* One result found */ 836 837 /* if we need to check the remote account go on */ 838 if (preq->check_provider) { 839 cacheExpire = ldb_msg_find_attr_as_uint64(preq->res->msgs[0], 840 SYSDB_CACHE_EXPIRE, 0); 841 if (cacheExpire < time(NULL)) { 842 break; 843 } 844 } 845 846 DEBUG(6, ("Returning info for user [%s@%s]\n", name, dom->name)); 847 848 return EOK; 849 } 850 At conditional (2): "preq->check_provider" taking the true branch. 851 if (preq->check_provider) { 852 853 /* dont loop forever :-) */ 854 preq->check_provider = false; 855 Dereferencing null variable "dom". 856 ret = sss_dp_send_acct_req(preq->cctx->rctx, preq, 857 pam_check_user_dp_callback, preq, 858 SSS_CLI_SOCKET_TIMEOUT/2, 859 dom->name, false, SSS_DP_USER, name, 0);
After the while(dom) loop, we should check for whether dom is NULL and set preq->check_provider to false if so
Fields changed
milestone: NEEDS_TRIAGE => SSSD 1.5.0
Fixed by 28a8ae0
coverity: => 10010 resolution: => fixed status: new => closed
rhbz: => 0
Metadata Update from @sgallagh: - Issue assigned to sgallagh - Issue set to the milestone: SSSD 1.5.0
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/1761
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.