[PATCH] auth: ldap - Fix crash if users are iterated, but userdb_ldap_iterate_fields...
authorTimo Sirainen <timo.sirainen@open-xchange.com>
Thu, 6 Nov 2025 12:52:37 +0000 (14:52 +0200)
committerNoah Meyerhans <noahm@debian.org>
Wed, 26 Nov 2025 01:01:05 +0000 (20:01 -0500)
From 576a2f52bff4c13971d9e6d1172857a4f18ddd14 Mon Sep 17 00:00:00 2001
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121000

Gbp-Pq: Name bug1121000_dovecot-ldap_Crash_if_iterate_filter_is_set_but_iterate_fields_is_not_set.patch

src/auth/userdb-ldap.c

index 21f127c11e2628ca39df49da581d0c97515c3c33..781b0970ea2215434a32f978890911758e536ba0 100644 (file)
@@ -201,8 +201,11 @@ static void userdb_ldap_iterate_callback(struct ldap_connection *conn,
                         &set, &error) < 0) {
                e_error(event, "%s", error);
                ctx->ctx.failed = TRUE;
-       }
-       else {
+       } else if (!array_is_created(&set->iterate_fields)) {
+               e_error(event, "iterate: No userdb_ldap_iterate_fields specified");
+               ctx->ctx.failed = TRUE;
+               settings_free(set);
+       } else {
                unsigned int count;
                const char *const *items = array_get(&set->iterate_fields, &count);
                for (unsigned int ndx = 0; ndx < count - 1;) {