From 3f95957d6de321c803a66f3ec67a8ff09befd16d Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Mon, 21 May 2018 14:50:50 +1200
Subject: [PATCH] CVE-2018-1140 ldb: Check for ldb_dn_get_casefold() failure in
 ldb_sqlite

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
---
 ldb_sqlite3/ldb_sqlite3.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ldb_sqlite3/ldb_sqlite3.c b/lib/ldb/ldb_sqlite3/ldb_sqlite3.c
index f94dc993904..0f5abf87547 100644
--- a/ldb_sqlite3/ldb_sqlite3.c
+++ b/ldb_sqlite3/ldb_sqlite3.c
@@ -323,6 +323,9 @@ static char *parsetree_to_sql(struct ldb_module *module,
 		 	const char *cdn = ldb_dn_get_casefold(
 						ldb_dn_new(mem_ctx, ldb,
 							      (const char *)value.data));
+			if (cdn == NULL) {
+				return NULL;
+			}
 
 			return lsqlite3_tprintf(mem_ctx,
 						"SELECT eid FROM ldb_entry "
-- 
2.18.0