diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2021-03-23 09:28:07 +0100 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2021-03-23 09:29:34 +0100 |
| commit | 482a5f3817a910a53b5439614a7f41ebf75bdefb (patch) | |
| tree | e1a57295f822268ac1a5cbf2bb4cd82278cd6384 | |
| parent | d3d90ad9c00530d0ab8154b51050da12500b44bd (diff) | |
| download | curl-bagder/ldap-valid-ptr.tar.gz | |
openldap: avoid NULL pointer dereferencesbagder/ldap-valid-ptr
Follow-up to a59c33ceffb8f78
Reported-by: Patrick Monnerat
Fixes #6676
Closes #[fill in]
| -rw-r--r-- | lib/openldap.c | 40 |
1 files changed, 25 insertions, 15 deletions
diff --git a/lib/openldap.c b/lib/openldap.c index d07982217..066c0fd73 100644 --- a/lib/openldap.c +++ b/lib/openldap.c @@ -369,6 +369,9 @@ static CURLcode ldap_disconnect(struct Curl_easy *data, if(li) { if(li->ld) { + Sockbuf *sb; + ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb); + ber_sockbuf_add_io(sb, &ldapsb_tls, LBER_SBIOD_LEVEL_TRANSPORT, NULL); ldap_unbind_ext(li->ld, NULL, NULL); li->ld = NULL; } @@ -726,14 +729,18 @@ static ber_slen_t ldapsb_tls_read(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len) { struct Curl_easy *data = sbiod->sbiod_pvt; - struct connectdata *conn = data->conn; - struct ldapconninfo *li = conn->proto.ldapc; - ber_slen_t ret; - CURLcode err = CURLE_RECV_ERROR; + ber_slen_t ret = 0; + if(data) { + struct connectdata *conn = data->conn; + if(conn) { + struct ldapconninfo *li = conn->proto.ldapc; + CURLcode err = CURLE_RECV_ERROR; - ret = (li->recv)(data, FIRSTSOCKET, buf, len, &err); - if(ret < 0 && err == CURLE_AGAIN) { - SET_SOCKERRNO(EWOULDBLOCK); + ret = (li->recv)(data, FIRSTSOCKET, buf, len, &err); + if(ret < 0 && err == CURLE_AGAIN) { + SET_SOCKERRNO(EWOULDBLOCK); + } + } } return ret; } @@ -742,14 +749,17 @@ static ber_slen_t ldapsb_tls_write(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len) { struct Curl_easy *data = sbiod->sbiod_pvt; - struct connectdata *conn = data->conn; - struct ldapconninfo *li = conn->proto.ldapc; - ber_slen_t ret; - CURLcode err = CURLE_SEND_ERROR; - - ret = (li->send)(data, FIRSTSOCKET, buf, len, &err); - if(ret < 0 && err == CURLE_AGAIN) { - SET_SOCKERRNO(EWOULDBLOCK); + ber_slen_t ret = 0; + if(data) { + struct connectdata *conn = data->conn; + if(conn) { + struct ldapconninfo *li = conn->proto.ldapc; + CURLcode err = CURLE_SEND_ERROR; + ret = (li->send)(data, FIRSTSOCKET, buf, len, &err); + if(ret < 0 && err == CURLE_AGAIN) { + SET_SOCKERRNO(EWOULDBLOCK); + } + } } return ret; } |