nss_ldap crashes handling a group with no gidnumber attribute
When fetching group memberships for a user, if the user is a member of a group that does not have a gidnumber attribute, getgrent.c:getbymember will dereference a NULL pointer because it doesn't check the return value from __ns_ldap_getAttr here: https://github.com/illumos/illumos-gate/blob/master/usr/src/lib/nsswitch/ldap/common/getgrent.c#L374
As far as I can tell, every other call to __ns_ldap_getAttr has an 'if (result NULL || result NULL)' immediately afterwards.
Updated by Electric Monk almost 3 years ago
- Status changed from In Progress to Closed
- % Done changed from 90 to 100
commit a3bcc60de108dc761615b2b9561d6dc76971f471 Author: Matt Barden <firstname.lastname@example.org> Date: 2017-07-28T21:27:57.000Z 8543 nss_ldap crashes handling a group with no gidnumber attribute Reviewed by: Evan Layton <email@example.com> Reviewed by: Gordon Ross <firstname.lastname@example.org> Approved by: Robert Mustacchi <email@example.com>