From f9e2885d51bf585bec2d5ffeda4f9e5e1a723f4d Mon Sep 17 00:00:00 2001
From: Peter Eisentraut <peter_e@gmx.net>
Date: Fri, 10 Nov 2017 14:21:32 -0500
Subject: Fix some null pointer dereferences in LDAP auth code

An LDAP URL without a host name such as "ldap://" or without a base DN
such as "ldap://localhost" would cause a crash when reading pg_hba.conf.

If no binddn is configured, an error message might end up trying to print a
null pointer, which could crash on some platforms.

Author: Thomas Munro <thomas.munro@enterprisedb.com>
Reviewed-by: Michael Paquier <michael.paquier@gmail.com>
---
 src/backend/libpq/auth.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src/backend/libpq/auth.c')

diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c
index cb30fc7b714..547f1f770aa 100644
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -2474,7 +2474,8 @@ CheckLDAPAuth(Port *port)
 		{
 			ereport(LOG,
 					(errmsg("could not perform initial LDAP bind for ldapbinddn \"%s\" on server \"%s\": %s",
-							port->hba->ldapbinddn, port->hba->ldapserver, ldap_err2string(r))));
+							port->hba->ldapbinddn ? port->hba->ldapbinddn : "",
+							port->hba->ldapserver, ldap_err2string(r))));
 			pfree(passwd);
 			return STATUS_ERROR;
 		}
-- 
cgit v1.2.3