CVE-2018-1140 ldb: Check for ldb_dn_get_casefold() failure in ldb_sqlite
authorAndrew Bartlett <abartlet@samba.org>
Mon, 21 May 2018 02:50:50 +0000 (14:50 +1200)
committerKarolin Seeger <kseeger@samba.org>
Tue, 14 Aug 2018 11:57:15 +0000 (13:57 +0200)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374

lib/ldb/ldb_sqlite3/ldb_sqlite3.c

index f94dc993904ba4673647c9056d94caeebc2c7677..0f5abf875472d5202bdc0a243690bf03551848d0 100644 (file)
@@ -323,6 +323,9 @@ static char *parsetree_to_sql(struct ldb_module *module,
                        const char *cdn = ldb_dn_get_casefold(
                                                ldb_dn_new(mem_ctx, ldb,
                                                              (const char *)value.data));
+                       if (cdn == NULL) {
+                               return NULL;
+                       }
 
                        return lsqlite3_tprintf(mem_ctx,
                                                "SELECT eid FROM ldb_entry "