389-ds-base/SOURCES/0039-Issue-4711-SIGSEV-with-sync_repl-4738.patch

From 81e9e6431293cbdde5b037c88e5c644f39d3d14d Mon Sep 17 00:00:00 2001
From: tbordaz <tbordaz@redhat.com>
Date: Tue, 27 Apr 2021 09:29:32 +0200
Subject: [PATCH 1/2] Issue 4711 - SIGSEV with sync_repl (#4738)

Bug description:
	sync_repl sends back entries identified with a unique
	identifier that is 'nsuniqueid'. If 'nsuniqueid' is
	missing, then it may crash

Fix description:
	Check a nsuniqueid is available else returns OP_ERR

relates: https://github.com/389ds/389-ds-base/issues/4711

Reviewed by: Pierre Rogier, James Chapman, William Brown (Thanks!)

Platforms tested:  F33
---
 ldap/servers/plugins/sync/sync_util.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/ldap/servers/plugins/sync/sync_util.c b/ldap/servers/plugins/sync/sync_util.c
index e64d519e1..bdba0a6c2 100644
--- a/ldap/servers/plugins/sync/sync_util.c
+++ b/ldap/servers/plugins/sync/sync_util.c
@@ -127,8 +127,8 @@ sync_create_state_control(Slapi_Entry *e, LDAPControl **ctrlp, int type, Sync_Co
     BerElement *ber;
     struct berval *bvp;
     char *uuid;
-    Slapi_Attr *attr;
-    Slapi_Value *val;
+    Slapi_Attr *attr = NULL;
+    Slapi_Value *val = NULL;
 
     if (type == LDAP_SYNC_NONE || ctrlp == NULL || (ber = der_alloc()) == NULL) {
         return (LDAP_OPERATIONS_ERROR);
@@ -138,6 +138,14 @@ sync_create_state_control(Slapi_Entry *e, LDAPControl **ctrlp, int type, Sync_Co
 
     slapi_entry_attr_find(e, SLAPI_ATTR_UNIQUEID, &attr);
     slapi_attr_first_value(attr, &val);
+    if ((attr == NULL) || (val == NULL)) {
+        /* It may happen with entries in special backends
+         * such like cn=config, cn=shema, cn=monitor...
+         */
+        slapi_log_err(SLAPI_LOG_ERR, SYNC_PLUGIN_SUBSYSTEM,
+                      "sync_create_state_control - Entries are missing nsuniqueid. Unable to proceed.\n");
+        return (LDAP_OPERATIONS_ERROR);
+    }
     uuid = sync_nsuniqueid2uuid(slapi_value_get_string(val));
     if ((rc = ber_printf(ber, "{eo", type, uuid, 16)) != -1) {
         if (cookie) {
-- 
2.31.1
import 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48 2021-06-29 14:02:09 +00:00			`From 81e9e6431293cbdde5b037c88e5c644f39d3d14d Mon Sep 17 00:00:00 2001`
			`From: tbordaz <tbordaz@redhat.com>`
			`Date: Tue, 27 Apr 2021 09:29:32 +0200`
			`Subject: [PATCH 1/2] Issue 4711 - SIGSEV with sync_repl (#4738)`

			`Bug description:`
			`sync_repl sends back entries identified with a unique`
			`identifier that is 'nsuniqueid'. If 'nsuniqueid' is`
			`missing, then it may crash`

			`Fix description:`
			`Check a nsuniqueid is available else returns OP_ERR`

			`relates: https://github.com/389ds/389-ds-base/issues/4711`

			`Reviewed by: Pierre Rogier, James Chapman, William Brown (Thanks!)`

			`Platforms tested: F33`
			`---`
			`ldap/servers/plugins/sync/sync_util.c \| 12 ++++++++++--`
			`1 file changed, 10 insertions(+), 2 deletions(-)`

			`diff --git a/ldap/servers/plugins/sync/sync_util.c b/ldap/servers/plugins/sync/sync_util.c`
			`index e64d519e1..bdba0a6c2 100644`
			`--- a/ldap/servers/plugins/sync/sync_util.c`
			`+++ b/ldap/servers/plugins/sync/sync_util.c`
			`@@ -127,8 +127,8 @@ sync_create_state_control(Slapi_Entry e, LDAPControl *ctrlp, int type, Sync_Co`
			`BerElement *ber;`
			`struct berval *bvp;`
			`char *uuid;`
			`- Slapi_Attr *attr;`
			`- Slapi_Value *val;`
			`+ Slapi_Attr *attr = NULL;`
			`+ Slapi_Value *val = NULL;`

			`if (type == LDAP_SYNC_NONE \|\| ctrlp == NULL \|\| (ber = der_alloc()) == NULL) {`
			`return (LDAP_OPERATIONS_ERROR);`
			`@@ -138,6 +138,14 @@ sync_create_state_control(Slapi_Entry e, LDAPControl *ctrlp, int type, Sync_Co`

			`slapi_entry_attr_find(e, SLAPI_ATTR_UNIQUEID, &attr);`
			`slapi_attr_first_value(attr, &val);`
			`+ if ((attr == NULL) \|\| (val == NULL)) {`
			`+ /* It may happen with entries in special backends`
			`+ * such like cn=config, cn=shema, cn=monitor...`
			`+ */`
			`+ slapi_log_err(SLAPI_LOG_ERR, SYNC_PLUGIN_SUBSYSTEM,`
			`+ "sync_create_state_control - Entries are missing nsuniqueid. Unable to proceed.\n");`
			`+ return (LDAP_OPERATIONS_ERROR);`
			`+ }`
			`uuid = sync_nsuniqueid2uuid(slapi_value_get_string(val));`
			`if ((rc = ber_printf(ber, "{eo", type, uuid, 16)) != -1) {`
			`if (cookie) {`
			`--`
			`2.31.1`