From 803a44777f901217d634f8fd7feed8b66ece352a Mon Sep 17 00:00:00 2001 From: Alexander Bokovoy Date: Wed, 24 May 2023 20:06:55 +0300 Subject: [PATCH] ipa-kdb: protect against context corruption Early in startup LDAP server might not respond well yet and should_support_pac_tkt_sign() will bail out with KRB5_KDB_SERVER_INTERNAL_ERR. We should postpone this call but for time being we should prevent a crash. Crash happens because init_module() returns with an error and KDC then calls fini_module() which will free the DB context which is already corrupted for some reason. Do not call any free() call because the whole context is corrupted as tests do show. Signed-off-by: Alexander Bokovoy Reviewed-By: Julien Rische --- daemons/ipa-kdb/ipa_kdb.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/daemons/ipa-kdb/ipa_kdb.c b/daemons/ipa-kdb/ipa_kdb.c index 36f127be0..2b09c40da 100644 --- a/daemons/ipa-kdb/ipa_kdb.c +++ b/daemons/ipa-kdb/ipa_kdb.c @@ -49,6 +49,11 @@ static void ipadb_context_free(krb5_context kcontext, size_t c; if (*ctx != NULL) { + if ((*ctx)->magic != IPA_CONTEXT_MAGIC) { + krb5_klog_syslog(LOG_ERR, "IPA context is corrupted"); + *ctx = NULL; + return; + } free((*ctx)->uri); free((*ctx)->base); free((*ctx)->realm_base);
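Review bot: The added magic check at the top of the `if (*ctx != NULL)` block in ipadb_context_free() still dereferences `*ctx` to read `(*ctx)->magic`, so it only protects the case where the pointer is readable but the contents are wrong; a dangling or wild pointer can still fault on that read, and the commit message leaves the cause of the corruption open ("for some reason"). Since the early return deliberately skips every free() and sets `*ctx = NULL`, that intentional leak deserves a short code comment next to the return, otherwise a later cleanup may "fix" it and reintroduce the crash. The log line `"IPA context is corrupted"` would be more useful for finding the root cause if it included the observed magic value and the pointer, for example by adding `(*ctx)->magic` and `(void *)*ctx` as format arguments. The commit message also says the should_support_pac_tkt_sign() call should be postponed; a TODO or tracking reference for that follow-up would make clear this check is a stopgap rather than the fix.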