
(ITS#4386) unbind operation crashes slapd using accesslog



Full_Name: Minoru Inachi
Version: 2.3.19
OS: Red Hat Enterprise Linux AS release 3
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (202.32.8.233)


Unbind operation crashes slapd using accesslog overlay.

The cause is that accesslog_unbind() in accesslog.c uses
an uninitialized variable 'op2'.  The variable 'op2.o_csn'
has a meaningless value, so slap_add_opattrs() in add.c
does not operate correctly.

The function accesslog_abandon() has the same problem.

Patch image is as follows:

--- accesslog.c.org	2006-01-04 07:16:24.000000000 +0900
+++ accesslog.c	2006-02-03 12:46:05.000000000 +0900
@@ -1112,7 +1112,7 @@
 	slap_overinst *on = (slap_overinst *)op->o_bd->bd_info;
 	if ( op->o_conn->c_authz_backend == on->on_info->oi_origdb ) {
 		log_info *li = on->on_bi.bi_private;
-		Operation op2;
+		Operation op2 = {0};
 		void *cids[SLAP_MAX_CIDS];
 		SlapReply rs2 = {REP_RESULT};
 		Entry *e;
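
Review bot: At the `Operation op2 = {0};` declaration, nothing records why the zero-initialization matters, so a later cleanup could silently drop it. The report attributes the crash to a meaningless `op2.o_csn` reaching slap_add_opattrs(), so a one-line comment naming that field would keep the dependency visible. The adjacent `void *cids[SLAP_MAX_CIDS];` is still declared without an initializer; it is worth confirming that every element read later in the function is written first.
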
@@ -1145,7 +1145,7 @@
 {
 	slap_overinst *on = (slap_overinst *)op->o_bd->bd_info;
 	log_info *li = on->on_bi.bi_private;
-	Operation op2;
+	Operation op2 = {0};
 	void *cids[SLAP_MAX_CIDS];
 	SlapReply rs2 = {REP_RESULT};
 	Entry *e;
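
Review bot: The `Operation op2 = {0};` line here repeats the first hunk's fix verbatim in a second function, which suggests that a stack-local Operation with only some fields assigned may be a recurring pattern in accesslog.c. Before merging, check every other local `Operation` declaration in the file for the same omission, and state in the commit message that both the unbind and abandon handlers are covered.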