[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5050) array bounds violation in test045-syncreplication-proxied

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#5050) array bounds violation in test045-syncreplication-proxied
From: hyc@symas.com
Date: Mon, 8 Oct 2007 10:18:27 GMT

h.b.furuseth@usit.uio.no wrote:
> Full_Name: Hallvard B Furuseth
> Version: HEAD, RE23
> OS: Linux
> URL: 
> Submission from: (NULL) (129.240.202.105)
> Submitted by: hallvard
> 
> 
> syncprov + back-ldap, and presumably + back-meta if that were used,
> give an array bounds violation in test045-syncreplication-proxied:
> 
> syncprov_db_open() uses connection_fake_init(), which sets op->o_tag=0.
> It passes op to back-ldap.
> 
> ldap_back_op_result() assumes op is a known LDAP request: It calls
> slap_req2op() and gets SLAP_OP_LAST (for unknown tag).  That is used as
> an index into ldapinfo_t.li_timeout[], which has size SLAP_OP_LAST.
> 
> back-meta/bind.c does the same in meta_back_bind_op_result() and
> meta_back_op_result().

I fixed back-ldap but I believe the same fix is still needed in back-meta.

-- 
   -- Howard Chu
   Chief Architect, Symas Corp.  http://www.symas.com
   Director, Highland Sun        http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP     http://www.openldap.org/project/

Prev by Date: Re: Sync replication failure during startup.
Next by Date: Re: Sync replication failure during startup.
Index(es):
- Chronological
- Thread