[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#6497) Infinite loop in translucent.c

To: openldap-its@OpenLDAP.org
Subject: (ITS#6497) Infinite loop in translucent.c
From: ondrej.kuznik@acision.com
Date: Mon, 22 Mar 2010 15:39:45 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

Full_Name: Ondrej Kuznik
Version: HEAD
OS: 
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (62.168.56.1)


Hi,
there is a bug in translucent.c:208 in translucent_cf_gen such that modification
of olcTranslucentRemote or olcTranslucentLocal can trigger an infinite loop,
making the server unresponsive. Please see the attached patch that fixes the
issue and consider including it in your codebase:

--- servers/slapd/overlays/translucent.c        2009-11-30 12:59:06.000000000
+0100
+++ servers/slapd/overlays/fixed.c      2010-03-22 16:23:39.000000000 +0100
@@ -205,7 +205,7 @@
                        i = c->valx;
                        ch_free( (*an)[i].an_name.bv_val );
                        do {
-                               (*an)[i] = (*an)[i+1];
+                               (*an)[i] = (*an)[++i];
                        } while ( !BER_BVISNULL( &(*an)[i].an_name ));
                }
                return 0;

Prev by Date: Re: (ITS#6487) Nssov pam_authz authorizedUserService
Next by Date: Re: (ITS#6490) dds and pcache overlays not checking NULL value
Index(es):
- Chronological
- Thread