If a password change is requested for a non-existent user, ipa_kpasswd will segfault.
#4 0x4ca7cd77 in __GI___assert_fail (assertion=0x4e7862a3 "entry != ((void *)0)", file=0x4e786150 "../../../libraries/libldap/getdn.c", line=96, function=0x4e7864a0 "ldap_get_dn") at assert.c:105 #5 0x4e76340d in ldap_get_dn (ld=0x8ad0c30, entry=0x0) at ../../../libraries/libldap/getdn.c:96 #6 0x0804b022 in ldap_pwd_change (client_name=0x8acd7c0 "<username>@<REALM>", realm_name=0x8acb4c0 "<REALM>", pwd=..., errstr=0xbffa982c) at ipa_kpasswd.c:467
The problem is that it looks up the user entry, but doesn't check that it succeeded.
master: a797f90
ipa-2-1: 7879079
Metadata Update from @ssieb: - Issue assigned to jcholast - Issue set to the milestone: FreeIPA 2.1.1 (bug fixing)
Login to comment on this ticket.