Issue 656 - numericStringNormalize easily asserts
Status: VERIFIED FIXED
Alias: None
Product: OpenLDAP
Classification: Unclassified
Component: slapd
Version: unspecified
Hardware: All All
Importance: --- normal
Target Milestone: ---
Assignee: OpenLDAP project
Reported: 2000-08-11 13:31 UTC by Mark Adamson
Modified: 2014-08-01 21:05 UTC

Description Mark Adamson 2000-08-11 13:31:26 UTC
My OpenLDAP 2.0 slapd was core dumping in numericStringNormalize() in
servers/slapd/schema_init.c. The code points "char *p" and "char *q" to
the string, then reads it with "p" and recopies it at "q". If "p" 
sees a space, it jumps ahead without copying or advancing "q". 

If there are any spaces in the string, p will get ahead of q. After the
copy, there are 3 assert()'s, and the third one, assert( p <= q ), will
hit. Although none of these assert()'s should ever hit, the logic of
that one is backwards. It should check q <= p. The $0.10 patch for version
1.64 of the file is:


--- schema_init.cold    Fri Aug 11 09:20:11 2000
+++ schema_init.c       Fri Aug 11 09:21:40 2000
@@ -419,7 +419,7 @@
 
        assert( *newval->bv_val );
        assert( newval->bv_val < p );
-       assert( p <= q );
+       assert( q <= p );
 
        /* cannot start with a space */
        assert( !ldap_utf8_isspace(newval->bv_val) );
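
Review bot: assert( q <= p ) carries no comment saying which pointer reads and which writes, and the inverted original shows how easily that relation gets flipped. Suggest a one-line comment above it stating the invariant, for example that q (write) can never pass p (read) because a skipped space advances only p. Since the old form aborted slapd on any value containing a space, it is also worth deciding whether checks in this block that depend on the value being normalized should return an error rather than call assert().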




  -Mark Adamson
   Carnegie Mellon
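
The two-pointer copy described in the report, as an added example that is not part of the original report and is not OpenLDAP's code. The function name, return codes and the digit check are assumptions of this sketch; it keeps assert() for the loop invariant only and reports data-dependent conditions through the return value.

```c
#include <assert.h>
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical return codes for this sketch. */
enum { NORM_OK = 0, NORM_EMPTY = -1, NORM_BAD_CHAR = -2 };

/*
 * Compact a numeric string in place: p reads, q writes.
 * Spaces advance only p, so q <= p holds at every step.
 * Input-dependent failures are returned, never asserted.
 */
static int numeric_normalize_sketch(char *s, size_t *out_len)
{
    char *p = s;   /* read cursor */
    char *q = s;   /* write cursor */

    for (; *p != '\0'; p++) {
        if (*p == ' ')
            continue;               /* skipped: p moves, q does not */
        if (!isdigit((unsigned char)*p))
            return NORM_BAD_CHAR;   /* assumed policy: bad data is an error */
        *q++ = *p;
    }

    /* True invariant of the loop: the writer never passes the reader. */
    assert(q <= p);

    *q = '\0';
    *out_len = (size_t)(q - s);
    return *out_len == 0 ? NORM_EMPTY : NORM_OK;
}

/* Constructed sample value; returns 1 if it normalizes to "12345". */
static int demo(void)
{
    char buf[] = " 12 3 45 ";
    size_t n = 0;
    return numeric_normalize_sketch(buf, &n) == NORM_OK
        && n == 5 && strcmp(buf, "12345") == 0;
}

int main(void)
{
    return demo() ? 0 : 1;
}
```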

Comment 1 Kurt Zeilenga 2000-08-11 17:24:17 UTC
Applied, please test, thanks.

At 01:31 PM 8/11/00 +0000, adamson@andrew.cmu.edu wrote:
>My OpenLDAP 2.0 slapd was core dumping in numericStringNormalize() in
>servers/slapd/schema_init.c. The code points "char *p" and "char *q" to
>the string, then reads it with "p" and recopies it at "q". If "p" 
>sees a space, it jumps ahead without copying or advancing "q". 
>
>If there are any spaces in the string, p will get ahead of q. After the
>copy, there are 3 assert()'s, and the third one, assert( p <= q ), will
>hit. Although none of these assert()'s should ever hit, the logic of
>that one is backwards. It should check q <= p. The $0.10 patch for version
>1.64 of the file is:
>
>
>--- schema_init.cold    Fri Aug 11 09:20:11 2000
>+++ schema_init.c       Fri Aug 11 09:21:40 2000
>@@ -419,7 +419,7 @@
> 
>        assert( *newval->bv_val );
>        assert( newval->bv_val < p );
>-       assert( p <= q );
>+       assert( q <= p );
> 
>        /* cannot start with a space */
>        assert( !ldap_utf8_isspace(newval->bv_val) );
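
Review bot: assert( *newval->bv_val ) and assert( !ldap_utf8_isspace(newval->bv_val) ) sit next to the corrected line and are left as they were. If spaces are skipped without copying, a value made up only of spaces would copy nothing, and the hunk does not show whether that case is rejected before these lines. Please confirm it is, and when testing include such a value alongside one with embedded spaces.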
>
>
>
>
>  -Mark Adamson
>   Carnegie Mellon

Comment 2 Kurt Zeilenga 2000-08-12 23:03:52 UTC
changed notes
changed state Open to Closed
moved from Incoming to Development
Comment 3 OpenLDAP project 2014-08-01 21:05:27 UTC
fixed.