moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2025-02-28 17:31:46 -05:00
Code Issues Releases Wiki Activity

openldap: check ldap_get_attribute_ber() results for NULL before using

Browse Source 
CVE-2018-1000121
Reported-by: Dario Weisser
Bug: https://curl.haxx.se/docs/adv_2018-97a2.html
This commit is contained in:
Daniel Stenberg 2018-03-06 23:02:16 +01:00
parent 535432c0ad
commit 9889db0433
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/openldap.c
View File

@ -473,7 +473,7 @@ static ssize_t ldap_recv(struct connectdata *conn, int sockindex, char *buf,
for(ent = ldap_first_message(li->ld, msg); ent;
ent = ldap_next_message(li->ld, ent)) {
struct berval bv, *bvals, **bvp = &bvals;
struct berval bv, *bvals;
int binary = 0, msgtype;
CURLcode writeerr;
@ -535,9 +535,9 @@ static ssize_t ldap_recv(struct connectdata *conn, int sockindex, char *buf,
}
data->req.bytecount += bv.bv_len + 5;
for(rc = ldap_get_attribute_ber(li->ld, ent, ber, &bv, bvp);
rc == LDAP_SUCCESS;
rc = ldap_get_attribute_ber(li->ld, ent, ber, &bv, bvp)) {
for(rc = ldap_get_attribute_ber(li->ld, ent, ber, &bv, &bvals);
(rc == LDAP_SUCCESS) && bvals;
rc = ldap_get_attribute_ber(li->ld, ent, ber, &bv, &bvals)) {
int i;
if(bv.bv_val == NULL) break;