8000 Fix some null pointer dereferences in LDAP auth code · koderP/postgres@9efd83b · GitHub
[go: up one dir, main page]
Skip to content

Commit 9efd83b

Browse files
peterepetere
committed
Fix some null pointer dereferences in LDAP auth code
An LDAP URL without a host name such as "ldap://" or without a base DN such as "ldap://localhost" would cause a crash when reading pg_hba.conf. If no binddn is configured, an error message might end up trying to print a null pointer, which could crash on some platforms. Author: Thomas Munro <thomas.munro@enterprisedb.com> Reviewed-by: Michael Paquier <michael.paquier@gmail.com>
1 parent 2d7e35b commit 9efd83b

File tree

2 files changed

+6
-3
lines changed

2 files changed

+6
-3
lines changed

src/backend/libpq/auth.c

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2018,7 +2018,8 @@ CheckLDAPAuth(Port *port)
20182018
{
20192019
ereport(LOG,
20202020
(errmsg("could not perform initial LDAP bind for ldapbinddn \"%s\" on server \"%s\": %s",
2021-
port->hba->ldapbinddn, port->hba->ldapserver, ldap_err2string(r))));
2021+
port->hba->ldapbinddn ? port->hba->ldapbinddn : "",
2022+
port->hba->ldapserver, ldap_err2string(r))));
20222023
return STATUS_ERROR;
20232024
}
20242025

src/backend/libpq/hba.c

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1464,9 +1464,11 @@ parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline, int line_num)
14641464
return false;
14651465
}
14661466

1467-
hbaline->ldapserver = pstrdup(urldata->lud_host);
1467+
if (urldata->lud_host)
1468+
hbaline->ldapserver = pstrdup(urldata->lud_host);
14681469
hbaline->ldapport = urldata->lud_port;
1469-
hbaline->ldapbasedn = pstrdup(urldata->lud_dn);
1470+
if (urldata->lud_dn)
1471+
hbaline->ldapbasedn = pstrdup(urldata->lud_dn);
14701472

14711473
if (urldata->lud_attrs)
14721474
hbaline->ldapsearchattribute = pstrdup(urldata->lud_attrs[0]); /* only use first one */

0 commit comments

Comments
 (0)
0