Home Explore Help
Sign In
RONCC
/
Big-Data-HPC-Platform
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

HPCC-10310 ESP cores and restarts when invalid credentials are presented

Running Fedora, calling ldap_get_option(LDAP_OPT_ERROR_STRING) after submitting
invalid credentials results in a NULL string which is getting passed to strstr
resulting in a core in ESP. This change first checks if there is a valid string
before calling strstr

Signed-off-by: William Whitehead <william.whitehead@lexisnexis.com>
William Whitehead 11 years ago
parent
5c23b6ead6
commit
7d9cd3b5ef
1 changed files with 1 additions and 1 deletions
Unified View Show Diff Stats
  1. 1 1
      system/security/LdapSecurity/ldapconnection.cpp

+ 1 - 1
system/security/LdapSecurity/ldapconnection.cpp
View File 

@@ -1243,7 +1243,7 @@ public:
 
             }
 
             }
 
             if(rc != LDAP_SUCCESS)
 
             if(rc != LDAP_SUCCESS)
 
             {
 
             {
 
-                if (strstr(ldap_errstring, " data "))//if extended error strings are available (they are not in windows clients)
 
+                if (ldap_errstring && *ldap_errstring && strstr(ldap_errstring, " data "))//if extended error strings are available (they are not in windows clients)
 
                 {
 
                 {
 
 #ifdef _DEBUG
 
 #ifdef _DEBUG
 
                     DBGLOG("LDAPBIND ERR: RC=%d, - '%s'", rc, ldap_errstring);
 
                     DBGLOG("LDAPBIND ERR: RC=%d, - '%s'", rc, ldap_errstring);