we need to call ads_first_entry() before using a ldap result,

otherwise we can segv or return garbage
(This used to be commit d1316656b03e2bc85263b65d24977923ee6f39b7)

diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index c685ed53abee617ab5974d95a27e735e728dfd0c..0a59c4eb8f4800198acd38828bc2f71f6f736bda 100644 (file)
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -749,14 +749,15 @@ void ads_memfree(ADS_STRUCT *ads, void *mem)
 /**
  * Get a dn from search results
  * @param ads connection to ads server
- * @param res Search results
+ * @param msg Search result
  * @return dn string
  **/
-char *ads_get_dn(ADS_STRUCT *ads, void *res)
+char *ads_get_dn(ADS_STRUCT *ads, void *msg)
 {
        char *utf8_dn, *unix_dn;
 
-       utf8_dn = ldap_get_dn(ads->ld, res);
+       utf8_dn = ldap_get_dn(ads->ld, msg);
+
        pull_utf8_allocate((void **) &unix_dn, utf8_dn);
        ldap_memfree(utf8_dn);
        return unix_dn;
@@ -1078,6 +1079,7 @@ static ADS_STATUS ads_add_machine_acct(ADS_STRUCT *ads, const char *hostname,
 #ifndef ENCTYPE_ARCFOUR_HMAC
        acct_control |= UF_USE_DES_KEY_ONLY;
 #endif
+
        if (!(controlstr = talloc_asprintf(ctx, "%u", acct_control)))
                goto done;
 
@@ -1384,7 +1386,7 @@ ADS_STATUS ads_join_realm(ADS_STRUCT *ads, const char *hostname,
 ADS_STATUS ads_leave_realm(ADS_STRUCT *ads, const char *hostname)
 {
        ADS_STATUS status;
-       void *res;
+       void *res, *msg;
        char *hostnameDN, *host; 
        int rc;
 
@@ -1398,7 +1400,12 @@ ADS_STATUS ads_leave_realm(ADS_STRUCT *ads, const char *hostname)
            return status;
        }
 
-       hostnameDN = ads_get_dn(ads, (LDAPMessage *)res);
+       msg = ads_first_entry(ads, res);
+       if (!msg) {
+               return ADS_ERROR_SYSTEM(ENOENT);
+       }
+
+       hostnameDN = ads_get_dn(ads, (LDAPMessage *)msg);
        rc = ldap_delete_s(ads->ld, hostnameDN);
        ads_memfree(ads, hostnameDN);
        if (rc != LDAP_SUCCESS) {