Bug 1636172

Summary: crash in ldb_msg_find_ldb_val
Product: Red Hat Enterprise Linux 6 Reporter: German Parente <gparente>
Component: sssdAssignee: Michal Zidek <mzidek>
Status: CLOSED ERRATA QA Contact: sssd-qe <sssd-qe>
Severity: urgent Docs Contact:
Priority: urgent    
Version: 6.10CC: bilias, cpelland, ekeck, grajaiya, jhrozek, lmanasko, lslebodn, mzidek, nsoman, pbrezina, sgoveas, tscherf
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: sssd-1.13.3-60.el6_10.2 Doc Type: Bug Fix
Doc Text:
Previously, there was an unchecked return value in the sssd_pam module code. As a consequence, sssd_pam sometimes terminated unexpectedly. With this update, the return value from function in question is properly checked. As a result, sssd_pam no longer crashes.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2019-01-15 13:21:04 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description German Parente 2018-10-04 16:04:16 UTC 
Description of problem:

seems this should be a backport of
 
https://bugzilla.redhat.com/show_bug.cgi?id=1366266

to RHEL6:
=========================
        if (preq->pd->name_is_upn) {
            ret = sysdb_search_user_by_upn(preq, dom, name, user_attrs, &msg);

            /* Since sysdb_search_user_by_upn() searches the whole cache we
             * have to set the domain so that it matches the result. */
            sysdb_name = ldb_msg_find_attr_as_string(msg, SYSDB_NAME, NULL);
            if (sysdb_name == NULL) {
                DEBUG(SSSDBG_CRIT_FAILURE, "Cached entry has no name.\n");
                return EINVAL;
            }

================================

A customer is hitting this bug. where the sysdb_search_user_by_upn ret is not checked.

Version-Release number of selected component (if applicable): sssd-1.13.3-60.el6
Comment 9 Michal Zidek 2018-11-07 14:15:50 UTC 
Hello Namita,

can you please QE ack for this 6.10.z BZ.
Comment 18 errata-xmlrpc 2019-01-15 13:21:04 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:0063
Comment 19 Martin Kosek 2019-05-14 12:26:43 UTC 
*** Bug 1602025 has been marked as a duplicate of this bug. ***