Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to content

Commit 0c98d0d

Browse files
committed
Fix some null pointer dereferences in LDAP auth code
An LDAP URL without a host name such as "ldap://" or without a base DN such as "ldap://localhost" would cause a crash when reading pg_hba.conf. If no binddn is configured, an error message might end up trying to print a null pointer, which could crash on some platforms. Author: Thomas Munro <thomas.munro@enterprisedb.com> Reviewed-by: Michael Paquier <michael.paquier@gmail.com>
1 parent 0e1539b commit 0c98d0d

File tree

2 files changed

+6
-3
lines changed

2 files changed

+6
-3
lines changed

src/backend/libpq/auth.c

+2-1
Original file line numberDiff line numberDiff line change
@@ -2520,7 +2520,8 @@ CheckLDAPAuth(Port *port)
25202520
{
25212521
ereport(LOG,
25222522
(errmsg("could not perform initial LDAP bind for ldapbinddn \"%s\" on server \"%s\": %s",
2523-
port->hba->ldapbinddn, port->hba->ldapserver,
2523+
port->hba->ldapbinddn ? port->hba->ldapbinddn : "",
2524+
port->hba->ldapserver,
25242525
ldap_err2string(r)),
25252526
errdetail_for_ldap(ldap)));
25262527
ldap_unbind(ldap);

src/backend/libpq/hba.c

+4-2
Original file line numberDiff line numberDiff line change
@@ -1739,9 +1739,11 @@ parse_hba_auth_opt(char *name, char *val, HbaLine *hbaline,
17391739
return false;
17401740
}
17411741

1742-
hbaline->ldapserver = pstrdup(urldata->lud_host);
1742+
if (urldata->lud_host)
1743+
hbaline->ldapserver = pstrdup(urldata->lud_host);
17431744
hbaline->ldapport = urldata->lud_port;
1744-
hbaline->ldapbasedn = pstrdup(urldata->lud_dn);
1745+
if (urldata->lud_dn)
1746+
hbaline->ldapbasedn = pstrdup(urldata->lud_dn);
17451747

17461748
if (urldata->lud_attrs)
17471749
hbaline->ldapsearchattribute = pstrdup(urldata->lud_attrs[0]); /* only use first one */

0 commit comments

Comments
 (0)