[SCM] Samba Shared Repository - branch v3-4-test updated -
release-4-0-0alpha7-1047-gb4f6bb8
simo
idra at samba.org
Fri May 22 01:42:20 GMT 2009
On Thu, 2009-05-21 at 18:10 -0700, Jeremy Allison wrote:
> On Thu, May 21, 2009 at 09:06:10PM -0400, simo wrote:
> >
> > Jeremy,
> > have you really observed a case where ret == LDB_SUCCESS but res is
> > NULL ?
>
> Submitter did.
>
> > if that's the case the fix should probably be:
> > if (ret != LDB_SUCCESS || !res || (res->count != 1)) { ...
>
> Yep, I agree and I've fixed it like that in all cases now :-).
> Thanks !
>
> > but the real bug would be in ldb_search and better fixed there.
>
> Unfortunately I'm not as familiar with ldb_search so I'm
> fixing it in the calling case. Andrew Bartlett has already
> checked master to make sure this can't happen there (but
> such paranoia in callers never hurts :-), but I'm guessing
> he hasn't checked in the 3.2 or 3.3 code. If you want to
> do that I'd be very grateful.
Ok just for the records, the bug was only in 3.2 because in there we do
a talloc_steal() before actually check the return code.
*that* is the real bug, however given that there are some abusers out
there I also attached a patch for 3.2 to the bug that will make ldb
always return null on error (this is already fixed in 3.3 (both the
talloc_steal is not there and ldb clears res before returning on
error)).
Simo.
--
Simo Sorce
Samba Team GPL Compliance Officer <simo at samba.org>
Principal Software Engineer at Red Hat, Inc. <simo at redhat.com>
More information about the samba-technical
mailing list