From e5bdf55e290dffc07bb6b8a97bef67fce90b21c6 Mon Sep 17 00:00:00 2001 From: Charles Lopes Date: May 17 2012 20:03:20 +0000 Subject: Bug #361: Bad DNs in ACIs can segfault ns-slapd A bad userdn will make the DN normalization fail. This sets dn to NULL, and the server will attempt to access the NULL dn. The fix is to just return with an error if the normalization fails since the DN is invalid. Reviewed by: rmeggins (cherry picked from commit 8ba2982457e7d2143ae0c2af212412122592c284) (cherry picked from commit 58ec62b04fd3696bd77a0610fb8ede58e9fa64d4)
---
diff --git a/ldap/servers/plugins/acl/aclparse.c b/ldap/servers/plugins/acl/aclparse.c
index 15b373b..39d9f6c 100644
--- a/ldap/servers/plugins/acl/aclparse.c
+++ b/ldap/servers/plugins/acl/aclparse.c
@@ -566,6 +566,11 @@ __aclp__copy_normalized_str (char *src, char *endsrc, char *start,
 /* Normalize the value of userdn and append it to ret_str */
 slapi_sdn_init_dn_byref(&sdn, p);
 dn = slapi_sdn_get_dn(&sdn);
+ /* Normalization failed so return an error (-1) */
+ if (!dn) {
+ slapi_sdn_done(&sdn);
+ return -1;
+ }
 /* append up to ldap(s):/// */
 aclutil_str_append_ext(dest, destlen, start, p - start);
 /* append the DN part */
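Review bot: The new `if (!dn)` branch returns -1 without recording which value failed to normalize, so within this function a rejected ACI leaves no trace of the offending DN for whoever has to find and correct it. A `slapi_log_error(...)` call placed before `slapi_sdn_done(&sdn);` that names the rejected string would make the failure diagnosable; whether `p` is terminated at the end of the DN at that point is not visible here and should be checked before printing it. The fix also depends on every caller of `__aclp__copy_normalized_str` treating -1 as a parse failure and discarding anything already appended to `dest`; the callers and the rest of the function body lie outside this hunk, so that is worth confirming. The added comment would read better if it gave the reason rather than the action, e.g. `/* slapi_sdn_get_dn() returns NULL when the DN cannot be normalized; reject the ACI instead of dereferencing it */`.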