[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#4741) ppolicy.c improperly discards return value of check_password() function

To: openldap-its@OpenLDAP.org
Subject: (ITS#4741) ppolicy.c improperly discards return value of check_password() function
From: lsherida@nccs.nasa.gov
Date: Thu, 9 Nov 2006 02:20:05 GMT

Full_Name: Lee Sheridan
Version: 2.3.27
OS: Debian GNU/Linux (etch)
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (69.168.13.7)


In servers/slapd/overlays/ppolicy.c, check_password_quality function, at
line 530, the value of the 'ok' variable is discarded by unconditionally
assigning it the value LDAP_SUCCESS.

The variable is the return code of the user-defined check_password() function,
which is assigned at line 522.  The next if-then-else block is checking to
see if the module reported an error, at which point 'ok' would be assigned
LDAP_OTHER regardless of what check_password() returned.  A superfluous else
block appears after this check, assigning 'ok' to LDAP_SUCCESS.

It works fine for me if I remove the else block.

Thanks,

Prev by Date: (ITS#4740) SASL bind assert
Next by Date: Re: (ITS#4739) Server crashes every time alias is dereferenced
Index(es):
- Chronological
- Thread