From 95c95a4a99a41e175784319259f646f3deffcfe9 Mon Sep 17 00:00:00 2001
From: Andrej Gessel <Andrej.Gessel@janztec.com>
Date: Fri, 6 Apr 2018 18:18:33 +0200
Subject: [PATCH] CVE-2018-1140 Add NULL check for ldb_dn_get_casefold() in
 ltdb_index_dn_attr()

Signed-off-by: Andrej Gessel <Andrej.Gessel@janztec.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
---
 lib/ldb/ldb_tdb/ldb_index.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/lib/ldb/ldb_tdb/ldb_index.c b/lib/ldb/ldb_tdb/ldb_index.c
index 40baeea5c2b..682469396ce 100644
--- a/lib/ldb/ldb_tdb/ldb_index.c
+++ b/lib/ldb/ldb_tdb/ldb_index.c
@@ -1405,6 +1405,15 @@ static int ltdb_index_dn_attr(struct ldb_module *module,
 
 	/* work out the index key from the parent DN */
 	val.data = (uint8_t *)((uintptr_t)ldb_dn_get_casefold(dn));
+	if (val.data == NULL) {
+		const char *dn_str = ldb_dn_get_linearized(dn);
+		ldb_asprintf_errstring(ldb_module_get_ctx(module),
+				       __location__
+				       ": Failed to get casefold DN "
+				       "from: %s",
+				       dn_str);
+		return LDB_ERR_OPERATIONS_ERROR;
+	}
 	val.length = strlen((char *)val.data);
 	key = ltdb_index_key(ldb, ltdb, attr, &val, NULL);
 	if (!key) {
-- 
2.47.2