[Date Prev][Date Next] [Chronological] [Thread] [Top]

memory corruption in back-ldap modify (ITS#2362)

To: openldap-its@OpenLDAP.org
Subject: memory corruption in back-ldap modify (ITS#2362)
From: bbillinger@avaya.com
Date: Tue, 11 Mar 2003 15:28:51 GMT

Full_Name: Bryce Billinger
Version: 2.1.15
OS: RedHat Linux 7.3
URL: ftp://ftp.openldap.org/incoming/Bryce-Billinger-030311.patch
Submission from: (NULL) (198.152.13.70)


I am using the back-ldap backend and had a memory corruption that caused the
server to coredump.  This occurred every time a modify request came in.
I am using the server with the #ifdef ENABLE_REWRITE not set.  When a modify
request came in the function ldap_back_dn_massage() simply made the variable mdn
point to dn.  Then, during the cleanup it freed mdn.bv_val.  This is incorrect
because the if statement should have prevented the free because mdn.bv_val ==
dn->bv_val.  
The fix is to take the ifdef statements off of the if statement in the cleanup
section.

Prev by Date: slapi plugin w/sockurl ACLs crashes (ITS#2361)
Next by Date: slurpd core dump on exit (ITS#2363)
Index(es):
- Chronological
- Thread