[Date Prev][Date Next] [Chronological] [Thread] [Top]

invalid GSS authcn crashes slapd (sasl.c) (ITS#2961)

To: openldap-its@OpenLDAP.org
Subject: invalid GSS authcn crashes slapd (sasl.c) (ITS#2961)
From: donn@u.washington.edu
Date: Tue, 10 Feb 2004 00:55:21 GMT

Full_Name: Donn Cave
Version: 2.2.4
OS: Redhat Enterprise
URL: 
Submission from: (NULL) (128.95.135.150)


$ bin/ldapsearch -h hostname -Y gssapi -X cn=myid cn=whatever

This value of -X is invalid (missing "dn:").  When slap_sasl_authorize() gets an
auxvals list
from prop_getnames(), the first entry's "values" field is null.  AC_MEMCPY
crashes.

Something along the lines of the following seems to work better.

--- servers/slapd/sasl.c.dist   2003-12-29 10:10:40.000000000 -0800
+++ servers/slapd/sasl.c        2004-02-09 16:24:37.000000000 -0800
@@ -881,8 +881,12 @@
 
        /* Skip PROP_CONN */
        prop_getnames( props, slap_propnames+1, auxvals );
-
-       AC_MEMCPY( &authcDN, auxvals[0].values[0], sizeof(authcDN) );
+       if (auxvals[0].values)
+               AC_MEMCPY( &authcDN, auxvals[0].values[0], sizeof(authcDN) );
+       else {
+               sasl_seterror( sconn, 0, "not authorized" );
+               return SASL_NOAUTHZ;
+       }
 
        /* Nothing to do if no authzID was given */
        if ( !auxvals[1].name || !auxvals[1].values ) {

Prev by Date: Re: Patch to improve "opeartion deferred" warnings (ITS#2959)
Next by Date: back-ldbm on EBCDIC does not display version (ITS#2962)
Index(es):
- Chronological
- Thread