From 72a4707bd4a5265f0419d591fa8166251674178d Mon Sep 17 00:00:00 2001 From: Christian Heimes Date: Fri, 5 Jun 2020 21:08:36 +0200 Subject: [PATCH] Fix NULL deref and checks in LDAPmessage_to_python The function LDAPmessage_to_python() had some potential NULL pointer derefs and missed a couple of errors checks. It's still not perfect but a bit better now. https://github.com/python-ldap/python-ldap/pull/342 Signed-off-by: Christian Heimes --- Modules/message.c | 29 ++++++++++++++++++++++------- 1 file changed, 22 insertions(+), 7 deletions(-) diff --git a/Modules/message.c b/Modules/message.c index d225a1d..22aa313 100644 --- a/Modules/message.c +++ b/Modules/message.c @@ -273,20 +273,35 @@ LDAPmessage_to_python(LDAP *ld, LDAPMessage *m, int add_ctrls, valuestr = LDAPberval_to_object(retdata); ber_bvfree(retdata); + if (valuestr == NULL) { + ldap_memfree(retoid); + Py_DECREF(result); + ldap_msgfree(m); + return NULL; + } + pyoid = PyUnicode_FromString(retoid); ldap_memfree(retoid); if (pyoid == NULL) { + Py_DECREF(valuestr); + Py_DECREF(result); + ldap_msgfree(m); + return NULL; + } + + valtuple = Py_BuildValue("(NNN)", pyoid, valuestr, pyctrls); + if (valtuple == NULL) { + Py_DECREF(result); + ldap_msgfree(m); + return NULL; + } + + if (PyList_Append(result, valtuple) == -1) { + Py_DECREF(valtuple); Py_DECREF(result); ldap_msgfree(m); return NULL; } - valtuple = Py_BuildValue("(OOO)", pyoid, - valuestr ? valuestr : Py_None, - pyctrls); - Py_DECREF(pyoid); - Py_DECREF(valuestr); - Py_XDECREF(pyctrls); - PyList_Append(result, valtuple); Py_DECREF(valtuple); } }