Blame autofs-5.0.9-fix-race-accessing-qdn-in-get_query_dn.patch
|
Ian Kent |
ff6f3e |
autofs-5.0.9 - fix race accessing qdn in get_query_dn()
|
|
Ian Kent |
ff6f3e |
|
|
Ian Kent |
ff6f3e |
From: Ian Kent <raven@themaw.net>
|
|
Ian Kent |
ff6f3e |
|
|
Ian Kent |
ff6f3e |
Fix a couple of obvious problems in get_query_dn().
|
|
Ian Kent |
ff6f3e |
|
|
Ian Kent |
ff6f3e |
First, check dn is not NULL before attempting to duplicate it.
|
|
Ian Kent |
ff6f3e |
And also protect the update of qdn in the context by a mutex.
|
|
Ian Kent |
ff6f3e |
---
|
|
Ian Kent |
ff6f3e |
CHANGELOG | 1 +
|
|
Ian Kent |
ff6f3e |
modules/lookup_ldap.c | 9 ++++++---
|
|
Ian Kent |
ff6f3e |
2 files changed, 7 insertions(+), 3 deletions(-)
|
|
Ian Kent |
ff6f3e |
|
|
Ian Kent |
ff6f3e |
diff --git a/CHANGELOG b/CHANGELOG
|
|
Ian Kent |
ff6f3e |
index 1b4e2fe..e911682 100644
|
|
Ian Kent |
ff6f3e |
--- a/CHANGELOG
|
|
Ian Kent |
ff6f3e |
+++ b/CHANGELOG
|
|
Ian Kent |
ff6f3e |
@@ -4,6 +4,7 @@
|
|
Ian Kent |
ff6f3e |
- add serialization to sasl init.
|
|
Ian Kent |
ff6f3e |
- dont allocate dev_ctl_ops too early.
|
|
Ian Kent |
ff6f3e |
- fix incorrect round robin host detection.
|
|
Ian Kent |
ff6f3e |
+- fix race accessing qdn in get_query_dn().
|
|
Ian Kent |
ff6f3e |
|
|
Ian Kent |
ff6f3e |
04/06/2014 autofs-5.1.0
|
|
Ian Kent |
ff6f3e |
=======================
|
|
Ian Kent |
ff6f3e |
diff --git a/modules/lookup_ldap.c b/modules/lookup_ldap.c
|
|
Ian Kent |
ff6f3e |
index aca3e05..5c16063 100644
|
|
Ian Kent |
ff6f3e |
--- a/modules/lookup_ldap.c
|
|
Ian Kent |
ff6f3e |
+++ b/modules/lookup_ldap.c
|
|
Ian Kent |
ff6f3e |
@@ -461,16 +461,19 @@ static int get_query_dn(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt
|
|
Ian Kent |
ff6f3e |
}
|
|
Ian Kent |
ff6f3e |
|
|
Ian Kent |
ff6f3e |
free(query);
|
|
Ian Kent |
ff6f3e |
- qdn = strdup(dn);
|
|
Ian Kent |
ff6f3e |
- ldap_memfree(dn);
|
|
Ian Kent |
ff6f3e |
+ if (dn) {
|
|
Ian Kent |
ff6f3e |
+ qdn = strdup(dn);
|
|
Ian Kent |
ff6f3e |
+ ldap_memfree(dn);
|
|
Ian Kent |
ff6f3e |
+ }
|
|
Ian Kent |
ff6f3e |
ldap_msgfree(result);
|
|
Ian Kent |
ff6f3e |
if (!qdn)
|
|
Ian Kent |
ff6f3e |
return 0;
|
|
Ian Kent |
ff6f3e |
|
|
Ian Kent |
ff6f3e |
+ uris_mutex_lock(ctxt);
|
|
Ian Kent |
ff6f3e |
if (ctxt->qdn)
|
|
Ian Kent |
ff6f3e |
free(ctxt->qdn);
|
|
Ian Kent |
ff6f3e |
-
|
|
Ian Kent |
ff6f3e |
ctxt->qdn = qdn;
|
|
Ian Kent |
ff6f3e |
+ uris_mutex_unlock(ctxt);
|
|
Ian Kent |
ff6f3e |
|
|
Ian Kent |
ff6f3e |
return 1;
|
|
Ian Kent |
ff6f3e |
}
|