Fix void* pointer arithmetic from ber_bvchr()

[openldap] / servers / slapd / overlays / ppolicy.c

diff --git a/servers/slapd/overlays/ppolicy.c b/servers/slapd/overlays/ppolicy.c
index dcc1ddef459aace639f6464aaa2d299c574634be..93d93c4c584d495315554a913a98d38bcebd7c7f 100644 (file)
--- a/servers/slapd/overlays/ppolicy.c
+++ b/servers/slapd/overlays/ppolicy.c
@@ -1155,10 +1155,11 @@ ppolicy_modify( Operation *op, SlapReply *rs )
 {
        slap_overinst           *on = (slap_overinst *)op->o_bd->bd_info;
        pp_info                 *pi = on->on_bi.bi_private;
-       int                     i, rc, mod_pw_only, pwmod, pwmop, deladd,
+       int                     i, rc, mod_pw_only, pwmod, pwmop = -1, deladd,
                                hsize = 0;
        PassPolicy              pp;
-       Modifications           *mods = NULL, *modtail, *ml, *delmod, *addmod;
+       Modifications           *mods = NULL, *modtail = NULL,
+                               *ml, *delmod, *addmod;
        Attribute               *pa, *ha, at;
        const char              *txt;
        pw_hist                 *tl = NULL, *p;
@@ -1186,8 +1187,7 @@ ppolicy_modify( Operation *op, SlapReply *rs )
                a_lock = attr_find( e->e_attrs, ad_pwdAccountLockedTime );
                a_fail = attr_find( e->e_attrs, ad_pwdFailureTime );
 
-               for( prev = &op->oq_modify.rs_modlist, ml = *prev; ml;
-                       prev = &ml->sml_next, ml = *prev ) {
+               for( prev = &op->oq_modify.rs_modlist, ml = *prev; ml; ml = *prev ) {
 
                        if ( ml->sml_desc == slap_schema.si_ad_userPassword )
                                got_pw = 1;
@@ -1217,8 +1217,10 @@ ppolicy_modify( Operation *op, SlapReply *rs )
                                        *prev = ml->sml_next;
                                        ml->sml_next = NULL;
                                        slap_mods_free( ml, 1 );
+                                       continue;
                                }
                        }
+                       prev = &ml->sml_next;
                }
 
                /* If we're resetting the password, make sure grace, accountlock,
@@ -1289,12 +1291,13 @@ ppolicy_modify( Operation *op, SlapReply *rs )
 
        ppolicy_get( op, e, &pp );
 
-       for(ml = op->oq_modify.rs_modlist,
+       for ( ml = op->oq_modify.rs_modlist,
                        pwmod = 0, mod_pw_only = 1,
                        deladd = 0, delmod = NULL,
                        addmod = NULL,
                        zapReset = 1;
-               ml != NULL; modtail = ml, ml = ml->sml_next ) {
+               ml != NULL; modtail = ml, ml = ml->sml_next )
+       {
                if ( ml->sml_desc == pp.ad ) {
                        pwmod = 1;
                        pwmop = ml->sml_op;
@@ -1594,6 +1597,19 @@ do_modify:
                        modtail = mods;
                }
 
+               if (attr_find(e->e_attrs, ad_pwdFailureTime )) {
+                       mods = (Modifications *) ch_malloc( sizeof( Modifications ) );
+                       mods->sml_op = LDAP_MOD_DELETE;
+                       mods->sml_flags = SLAP_MOD_INTERNAL;
+                       mods->sml_type.bv_val = NULL;
+                       mods->sml_desc = ad_pwdFailureTime;
+                       mods->sml_values = NULL;
+                       mods->sml_nvalues = NULL;
+                       mods->sml_next = NULL;
+                       modtail->sml_next = mods;
+                       modtail = mods;
+               }
+
                /* Delete the pwdReset attribute, since it's being reset */
                if ((zapReset) && (attr_find(e->e_attrs, ad_pwdReset ))) {
                        mods = (Modifications *) ch_malloc( sizeof( Modifications ) );