[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
memory corruption in back-ldap modify (ITS#2362)
Full_Name: Bryce Billinger
Version: 2.1.15
OS: RedHat Linux 7.3
URL: ftp://ftp.openldap.org/incoming/Bryce-Billinger-030311.patch
Submission from: (NULL) (198.152.13.70)
I am using the back-ldap backend and had a memory corruption that caused the
server to coredump. This occurred every time a modify request came in.
I am using the server with the #ifdef ENABLE_REWRITE not set. When a modify
request came in the function ldap_back_dn_massage() simply made the variable mdn
point to dn. Then, during the cleanup it freed mdn.bv_val. This is incorrect
because the if statement should have prevented the free because mdn.bv_val ==
dn->bv_val.
The fix is to take the ifdef statements off of the if statement in the cleanup
section.