1924 – crash with openssl-0.9.7

Issue 1924 - crash with openssl-0.9.7

Summary: crash with openssl-0.9.7

Status:	VERIFIED FIXED

Alias:	None

Product:	OpenLDAP
Classification:	Unclassified
Component:	slapd (show other issues)
Version:	unspecified
Hardware:	All All

Importance:	--- normal
Target Milestone:	---
Assignee:	OpenLDAP project

URL:
Keywords:

Depends on:
Blocks:

Reported:	2002-07-05 12:45 UTC by nospam-openldap@link-up.de
Modified:	2014-08-01 21:06 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.

Description nospam-openldap@link-up.de 2002-07-05 12:45:22 UTC

Full_Name: Thomas
Version: 2.1.2
OS: Linux
URL: 
Submission from: (NULL) (212.172.64.210)


openssl-0.9.7 does not use the ext_free member for certificate
extensions anymore and sets it to 0. Calling method->ext_free() crashes
OpenLDAP. Instead, XXX_free() should be used:

--- ./libraries/libldap/tls.c.tb_orig   Mon Jul  1 18:03:42 2002
+++ ./libraries/libldap/tls.c   Fri Jul  5 14:42:16 2002
@@ -918,7 +918,6 @@
                        int n, len1, len2 = 0;
                        char *domain;
                        GENERAL_NAME *gn;
-                       X509V3_EXT_METHOD *method;
 
                        len1 = strlen(name);
                        n = sk_GENERAL_NAME_num(alt);
@@ -955,8 +954,7 @@
                                }
                        }
 
-                       method = X509V3_EXT_get(ex);
-                       method->ext_free(alt);
+                       GENERAL_NAMES_free(alt);
                        if (i < n) {    /* Found a match */
                                ret = LDAP_SUCCESS;
                        }

Regards,
Thomas

Comment 1 Kurt Zeilenga 2002-07-09 09:48:00 UTC

moved from Incoming to Software Bugs

Comment 2 Kurt Zeilenga 2002-07-09 17:53:26 UTC

changed notes
changed state Open to Release

Comment 3 Howard Chu 2002-07-10 17:58:42 UTC

Thanks, fixed.

Comment 4 Kurt Zeilenga 2002-07-28 12:32:00 UTC

changed notes
changed state Release to Closed

Comment 5 OpenLDAP project 2014-08-01 21:06:24 UTC

fixed in HEAD
fixed in RE21