[Pkg-sssd-devel] Bug#839087: 'su Debian-exim' causes sssd (LDAP) to segfault

Wed Sep 28 19:09:08 UTC 2016

I won't claim this patch is anything other than a quick kludge, but it 
stops the segfaulting for me...

First bit is putting a null guard around that block (all the changes are 
just diff getting confused).


-------------- next part --------------
Index: sssd-1.13.4/src/providers/ldap/sdap_async_initgroups.c
===================================================================

--- sssd-1.13.4.orig/src/providers/ldap/sdap_async_initgroups.c
+++ sssd-1.13.4/src/providers/ldap/sdap_async_initgroups.c
@@ -2884,29 +2884,31 @@ static void sdap_get_initgr_user(struct
         }
     }
 
-    ret = sysdb_transaction_start(state->sysdb);
-    if (ret) {
-        DEBUG(SSSDBG_CRIT_FAILURE, "Failed to start transaction\n");
-        goto fail;
-    }
-    in_transaction = true;
+    if (state->orig_user) { /* quick hack to stop segfaults -- Anthony */
+        ret = sysdb_transaction_start(state->sysdb);
+        if (ret) {
+            DEBUG(SSSDBG_CRIT_FAILURE, "Failed to start transaction\n");
+            goto fail;
+        }
+        in_transaction = true;
 
-    DEBUG(SSSDBG_TRACE_ALL, "Storing the user\n");
+        DEBUG(SSSDBG_TRACE_ALL, "Storing the user\n");
 
-    ret = sdap_save_user(state, state->opts, state->dom, state->orig_user,
-                         NULL, 0);
-    if (ret) {
-        goto fail;
-    }
+        ret = sdap_save_user(state, state->opts, state->dom, state->orig_user,
+                             NULL, 0);
+        if (ret) {
+            goto fail;
+        }
 
-    DEBUG(SSSDBG_TRACE_ALL, "Commit change\n");
+        DEBUG(SSSDBG_TRACE_ALL, "Commit change\n");
 
-    ret = sysdb_transaction_commit(state->sysdb);
-    if (ret) {
-        DEBUG(SSSDBG_CRIT_FAILURE, "Failed to commit transaction\n");
-        goto fail;
+        ret = sysdb_transaction_commit(state->sysdb);
+        if (ret) {
+            DEBUG(SSSDBG_CRIT_FAILURE, "Failed to commit transaction\n");
+            goto fail;
+        }
+        in_transaction = false;
     }
-    in_transaction = false;
 
     ret = sysdb_get_real_name(state, state->dom, state->name, &cname);
     if (ret != EOK) {
Index: sssd-1.13.4/src/db/sysdb.c
===================================================================
--- sssd-1.13.4.orig/src/db/sysdb.c
+++ sssd-1.13.4/src/db/sysdb.c
@@ -323,6 +323,9 @@ int sysdb_attrs_get_el_ext(struct sysdb_
     struct ldb_message_element *e = NULL;
     int i;
 
+    if (!attrs)
+        return EINVAL;
+
     for (i = 0; i < attrs->num; i++) {
         if (strcasecmp(name, attrs->a[i].name) == 0)
             e = &(attrs->a[i]);
