[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
acl.c: string_expand() maybe wrong check for space in buffer (ITS#1963)
Full_Name: Ralf Haferkamp
Version: 2.0.23
OS: Linux
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (213.95.15.201)
servers/slapd/acl.c line 1536:
for ( ; size < 512 && i < l; size++, i++ ) {
*dp++ = match[i];
size++;
}
It tests for size < 512, but dp (newbuf) could be smaller than that.
I think checking for size < bufsize would be the right thing. Similar does it
the code in HEAD (just with a struct berval).