]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
projects / thirdparty / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 48a0e77)
source4/dsdb: Fix NULL dereference in attribute_list_from_class()
authorAnoop C S <anoopcs@samba.org>
Tue, 19 May 2026 10:43:40 +0000 (16:13 +0530)
committerMartin Schwenke <martins@samba.org>
Thu, 21 May 2026 02:21:29 +0000 (02:21 +0000)
When dsdb_class_by_lDAPDisplayName_ldb_val() returns NULL due
to a missing class in the schema, the result is passed to
attribute_list_from_class() without validation. The function
immediately dereferences sclass when calling dsdb_attribute_list(),
causing a NULL pointer dereference.

Add NULL check at the entry of attribute_list_from_class() and return
NULL for missing schema classes.

Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
source4/dsdb/schema/schema_query.c patch | blob | blame | history

diff --git a/source4/dsdb/schema/schema_query.c b/source4/dsdb/schema/schema_query.c
index aa906d03d4bbbbd4a2b130d7f5c7ceeb336b6ddf..9466d3e43dacb106572b19206e702cd28cd11db2 100644 (file)
--- a/source4/dsdb/schema/schema_query.c
+++ b/source4/dsdb/schema/schema_query.c
@@ -322,6 +322,10 @@ static const char **attribute_list_from_class(TALLOC_CTX *mem_ctx,
        const char **recursive_list;
        const char **attr_list;
 
+       if (sclass == NULL) {
+               return NULL;
+       }
+
        this_class_list = dsdb_attribute_list(mem_ctx, sclass, query);
 
        recursive_list = dsdb_full_attribute_list_internal(mem_ctx, schema,
Mirror of https://github.com/samba-team/samba.git