Issue 6738 - missing checks for ber errors
Summary: missing checks for ber errors
Status: RESOLVED PARTIAL
Alias: None
Product: OpenLDAP
Classification: Unclassified
Component: slapd (show other issues)
Version: unspecified
Hardware: All All
: --- normal
Target Milestone: ---
Assignee: OpenLDAP project
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-12-06 08:01 UTC by Hallvard Furuseth
Modified: 2014-08-01 21:04 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.
Description Hallvard Furuseth 2010-12-06 08:01:33 UTC 
Full_Name: Hallvard B Furuseth
Version: HEAD
OS: 
URL: 
Submission from: (NULL) (129.240.6.233)
Submitted by: hallvard


There are a fair number of ber calls which do not check for
errors: Just ber_scanf and use the expected output variable,
which may or may not have a useful NULL value on error.

Syncrepl is particularly bad.  This in slapd/ and libldap/:
  egrep '^<tab>*ber_(scanf|get_)' *.c */*.c
returns mostly syncrepl matches.  I can't even fix these
easily because there's not enough error handling code to
copy.

grepping for ber_(printf|put_) find other modules as well.
Comment 1 Hallvard Furuseth 2011-01-17 03:21:17 UTC 
changed notes
changed state Open to Test
moved from Incoming to Software Bugs
Comment 2 Quanah Gibson-Mount 2011-01-26 11:00:53 UTC 
changed notes
changed state Test to Partial
Comment 3 OpenLDAP project 2014-08-01 21:04:33 UTC 
Some fixes in HEAD
Some fixes in RE24