[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#5323) dyngroup.c:dgroup_cf() bug
Full_Name: Hallvard B Furuseth
Version: HEAD, RE24
OS:
URL:
Submission from: (NULL) (129.240.6.233)
Submitted by: hallvard
overlays/dyngroup.c:dgroup_cf() has some strange LDAP_MOD_DELETE code:
app = (adpair **)&on->on_bi.bi_private;
for (...; ...; ..., app = &ap->ap_next) {
ap = *app;
}
*app = ap->ap_next;
Last statement is a no-op, since *app == *(&ap->ap_next) == ap->ap_next.
I'm not sure what it's intended to do.
Also the first statement makes the void* object bi_private be accessed
as an adpair* object. Breaks the 'strict aliasing' rules, so I guess it
can miscompile. To avoid that, start the code with something like
ap = on->on_bi.bi_private;
app = ≈