35 lines
1.2 KiB
Diff
35 lines
1.2 KiB
Diff
From c6f2737747cbb70adfdd1a77412b669838f9c419 Mon Sep 17 00:00:00 2001
|
|
From: Rob Crittenden <rcritten@redhat.com>
|
|
Date: Mon, 2 Dec 2019 15:08:54 -0500
|
|
Subject: [PATCH] Fix use-after-free issue
|
|
|
|
The basedn value was freed after the first search but a second
|
|
one could be initiated.
|
|
---
|
|
src/ipa.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/src/ipa.c b/src/ipa.c
|
|
index 40a4b52c..41ca9081 100644
|
|
--- a/src/ipa.c
|
|
+++ b/src/ipa.c
|
|
@@ -540,7 +540,6 @@ fetch_roots(const char *server, int ldap_uri_cmd, const char *ldap_uri,
|
|
/* Now look up the root certificates for the domain. */
|
|
snprintf(lfilter, sizeof(lfilter), "(%s=*)", lattrs[0]);
|
|
snprintf(ldn, sizeof(ldn), "%s,%s", relativedn, basedn);
|
|
- free(basedn);
|
|
rc = ldap_search_ext_s(ld, ldn, LDAP_SCOPE_SUBTREE,
|
|
lfilter, lattrs, 0, NULL, NULL, NULL,
|
|
LDAP_NO_LIMIT, &lresult);
|
|
@@ -551,6 +550,7 @@ fetch_roots(const char *server, int ldap_uri_cmd, const char *ldap_uri,
|
|
lfilter, lattrs, 0, NULL, NULL, NULL,
|
|
LDAP_NO_LIMIT, &lresult);
|
|
}
|
|
+ free(basedn);
|
|
if (rc != LDAP_SUCCESS) {
|
|
fprintf(stderr, "Error searching '%s': %s.\n",
|
|
ldn, ldap_err2string(rc));
|
|
--
|
|
2.21.0
|
|
|