[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5817) ldapadd crashes with '-' in input

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#5817) ldapadd crashes with '-' in input
From: ando@sys-net.it
Date: Tue, 18 Nov 2008 15:29:32 GMT

jsafrane@redhat.com wrote:
> Full_Name: Jan Safranek
> Version: 2.4.12
> OS: Linux (Fedora 9)
> URL: 
> Submission from: (NULL) (89.102.11.105)
> 
> 
> ldapadd crashes with assertion 'ldapadd: encode.c:392: ber_put_string: Assertion
> `str != ((void *)0)' failed.' on following input:
> 
> dn: nisMapName=netgroup.byhost,dc=my-domain,dc=com
> nismapname: netgroup.byhost
> objectClass: top
> objectClass: nisMap
> -
> 
> The reason is probably at ldapmodify.c:445, where the lines containing dash are
> skipped, apparently for modify operations:
> 
> 	if ( line[0] == '-' && !line[1] ) {
> 		BER_BVZERO( btype+i );
> 		freeval[i] = 0;
> 		continue;
> 	}
> 
> ldap_add_ext() seems not to like these empty spaces.

I think the fix belongs to ldap_add_ext(), as other applications may 
well call it with invalid parameters.  I've applied a fix to HEAD code, 
please test.  The fix is

Checking in libraries/libldap/add.c;
/repo/OpenLDAP/pkg/ldap/libraries/libldap/add.c,v  <--  add.c
new revision: 1.32; previous revision: 1.31

It hould apply straightforwardly to the release you're using.

Thanks, p.


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
-----------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Fax:     +39 0382 476497
Email:   ando@sys-net.it
-----------------------------------

Prev by Date: (ITS#5817) ldapadd crashes with '-' in input
Next by Date: (ITS#5818) Limits chapter for Admin Guide
Index(es):
- Chronological
- Thread