attmap_get_value() and optional attributes

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Nalin Dahyabhai <nalin [at] redhat.com>
To: nss-pam-ldapd-users [at] lists.arthurdejong.org
Subject: attmap_get_value() and optional attributes
Date: Fri, 14 May 2010 18:03:43 -0400

We ran into this in testing today: when nslcd tries to read the values
for an optional, mappable, attribute for an entry, and the no value is
found, the buffer which is used to hold the return value isn't cleared.

A client then gets whatever happened to be in that space earlier as the
attribute value.  In this case, it was a posixAccount entry with no
loginShell value.

Thanks,

Nalin

Store an empty string in the passed-in buffer, even if we don't manage to get
the desired value from the entry.

Index: nslcd/attmap.c
===================================================================
--- nslcd/attmap.c      (revision 1110)
+++ nslcd/attmap.c      (working copy)
@@ -254,6 +254,8 @@
 MUST_USE const char *attmap_get_value(MYLDAP_ENTRY *entry,const char 
*attr,char *buffer,size_t buflen)
 {
   const char **values;
+  if (buflen > 0)
+    buffer[0]='\0';
   /* for simple values just return the attribute */
   if (attr[0]!='"')
   {

--
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users

attmap_get_value() and optional attributes, Nalin Dahyabhai

Re: attmap_get_value() and optional attributes, Arthur de Jong

Prev by Date: Re: Automatic dn to uid mapping
Next by Date: Re: attmap_get_value() and optional attributes
Previous by thread: Re: Automatic dn to uid mapping
Next by thread: Re: attmap_get_value() and optional attributes