autofs-5.0.9 - fix race accessing qdn in get_query_dn()

From: Ian Kent <raven@themaw.net>

Fix a couple of obvious problems in get_query_dn().

First, check dn is not NULL before attempting to duplicate it.

And also protect the update of qdn in the context by a mutex.

---

 CHANGELOG             |    1 +

 modules/lookup_ldap.c |    9 ++++++---

 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG

index 1b4e2fe..e911682 100644

--- a/CHANGELOG

+++ b/CHANGELOG

@@ -4,6 +4,7 @@

 - add serialization to sasl init.

 - dont allocate dev_ctl_ops too early.

 - fix incorrect round robin host detection.

+- fix race accessing qdn in get_query_dn().

 04/06/2014 autofs-5.1.0

 =======================

diff --git a/modules/lookup_ldap.c b/modules/lookup_ldap.c

index aca3e05..5c16063 100644

--- a/modules/lookup_ldap.c

+++ b/modules/lookup_ldap.c

@@ -461,16 +461,19 @@ static int get_query_dn(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt

 	}

 	free(query);

-	qdn = strdup(dn);

-	ldap_memfree(dn);

+	if (dn) {

+		qdn = strdup(dn);

+		ldap_memfree(dn);

+	}

 	ldap_msgfree(result);

 	if (!qdn)

 		return 0;

+	uris_mutex_lock(ctxt);

 	if (ctxt->qdn)

 		free(ctxt->qdn);

-

 	ctxt->qdn = qdn;

+	uris_mutex_unlock(ctxt);

 	return 1;

 }