From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Tue, 30 Nov 2010 16:59:49 +0000 (-0500)
Subject: Make sure we don't dereference a NULL handle.
X-Git-Tag: SUDO_1_7_5~93
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=2faf8b558d1bb02964dae7cf2372d79e895254b8;p=sudo

Make sure we don't dereference a NULL handle.

--HG--
branch : 1.7
---

diff --git a/ldap.c b/ldap.c
index 79b160664..7ab90e1a4 100644
--- a/ldap.c
+++ b/ldap.c
@@ -1392,13 +1392,14 @@ sudo_ldap_display_defaults(nss, pw, lbuf)
     struct berval **bv, **p;
     struct ldap_config_list_str *base;
     struct sudo_ldap_handle *handle = nss->handle;
-    LDAP *ld = handle->ld;
+    LDAP *ld;
     LDAPMessage *entry, *result;
     char *prefix;
     int rc, count = 0;
 
-    if (ld == NULL)
+    if (handle == NULL || handle->ld == NULL)
 	goto done;
+    ld = handle->ld;
 
     for (base = ldap_conf.base; base != NULL; base = base->next) {
 	result = NULL;
@@ -1618,13 +1619,14 @@ sudo_ldap_display_privs(nss, pw, lbuf)
     struct lbuf *lbuf;
 {
     struct sudo_ldap_handle *handle = nss->handle;
-    LDAP *ld = handle->ld;
-    struct ldap_result*lres;
+    LDAP *ld;
+    struct ldap_result *lres;
     LDAPMessage *entry;
     int i, count = 0;
 
-    if (ld == NULL)
+    if (handle == NULL || handle->ld == NULL)
 	goto done;
+    ld = handle->ld;
 
     DPRINTF(("ldap search for command list"), 1);
     lres = sudo_ldap_result_get(nss, pw);
@@ -1648,13 +1650,14 @@ sudo_ldap_display_cmnd(nss, pw)
     struct passwd *pw;
 {
     struct sudo_ldap_handle *handle = nss->handle;
-    LDAP *ld = handle->ld;
+    LDAP *ld;
     struct ldap_result *lres;
     LDAPMessage *entry;
     int i, found = FALSE;
 
-    if (ld == NULL)
+    if (handle == NULL || handle->ld == NULL)
 	goto done;
+    ld = handle->ld;
 
     /*
      * The sudo_ldap_result_get() function returns all nodes that match
@@ -2033,12 +2036,13 @@ sudo_ldap_setdefs(nss)
 {
     struct ldap_config_list_str *base;
     struct sudo_ldap_handle *handle = nss->handle;
-    LDAP *ld = handle->ld;
+    LDAP *ld;
     LDAPMessage *entry, *result;
     int rc;
 
-    if (ld == NULL)
+    if (handle == NULL || handle->ld == NULL)
 	return(-1);
+    ld = handle->ld;
 
     for (base = ldap_conf.base; base != NULL; base = base->next) {
 	result = NULL;
@@ -2067,14 +2071,15 @@ sudo_ldap_lookup(nss, ret, pwflag)
     int pwflag;
 {
     struct sudo_ldap_handle *handle = nss->handle;
-    LDAP *ld = handle->ld;
+    LDAP *ld;
     LDAPMessage *entry;
     int i, rc, setenv_implied, matched = UNSPEC;
     struct passwd *pw = list_pw ? list_pw : sudo_user.pw;
     struct ldap_result *lres = NULL;
 
-    if (ld == NULL)
+    if (handle == NULL || handle->ld == NULL)
 	return(ret);
+    ld = handle->ld;
 
     /* Fetch list of sudoRole entries that match user and host. */
     lres = sudo_ldap_result_get(nss, pw);