Actions
Bug #8543
closed
nss_ldap crashes handling a group with no gidnumber attribute
Start date:
2017-07-27
Due date:
% Done:
100%
Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:
External Bug:
Description
When fetching group memberships for a user, if the user is a member of a group that does not have a gidnumber attribute, getgrent.c:getbymember will dereference a NULL pointer because it doesn't check the return value from __ns_ldap_getAttr here: https://github.com/illumos/illumos-gate/blob/master/usr/src/lib/nsswitch/ldap/common/getgrent.c#L374
As far as I can tell, every other call to __ns_ldap_getAttr has an 'if (result NULL || result[0] NULL)' immediately afterwards.
Related issues
Updated by Yuri Pankov about 6 years ago
- Category set to lib - userland libraries
- Status changed from New to In Progress
- Assignee set to Yuri Pankov
- % Done changed from 0 to 90
- Tags deleted (
needs-triage)
taking, we have a fix for this.
Updated by Yuri Pankov about 6 years ago
- Has duplicate Bug #8533: ldap client causes smbd to crash / hang added
Updated by Electric Monk about 6 years ago
- Status changed from In Progress to Closed
- % Done changed from 90 to 100
git commit a3bcc60de108dc761615b2b9561d6dc76971f471
commit a3bcc60de108dc761615b2b9561d6dc76971f471
Author: Matt Barden <matt.barden@nexenta.com>
Date: 2017-07-28T21:27:57.000Z
8543 nss_ldap crashes handling a group with no gidnumber attribute
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
Approved by: Robert Mustacchi <rm@joyent.com>
Actions