Full_Name: Ralf Haferkamp Version: 2.1.12, HEAD OS: Linux URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (213.95.15.201) If slap_passwd_parse returns something != LDAP_SUCCESS the code tries to free ndn->bv_val but this might be uninitialized and the server segfaults. The following small patch should fix this problem: --- servers/slapd/back-ldbm/passwd.c 2003/03/20 13:55:24 1.1 +++ servers/slapd/back-ldbm/passwd.c 2003/03/20 13:56:09 @@ -38,8 +38,8 @@ struct berval id = { 0, NULL }; struct berval new = { 0, NULL }; - struct berval dn; - struct berval ndn; + struct berval dn = { 0, NULL }; + struct berval ndn = { 0, NULL }; assert( reqoid != NULL ); assert( strcmp( LDAP_EXOP_MODIFY_PASSWD, reqoid ) == 0 );
changed notes changed state Open to Test moved from Incoming to Software Bugs
Fixed in HEAD, please test. Thanks, Kurt At 07:27 AM 3/20/2003, rhafer@suse.de wrote: >Full_Name: Ralf Haferkamp >Version: 2.1.12, HEAD >OS: Linux >URL: ftp://ftp.openldap.org/incoming/ >Submission from: (NULL) (213.95.15.201) > > >If slap_passwd_parse returns something != LDAP_SUCCESS the code tries to free >ndn->bv_val but this might be uninitialized and the server segfaults. >The following small patch should fix this problem: > >--- servers/slapd/back-ldbm/passwd.c 2003/03/20 13:55:24 1.1 >+++ servers/slapd/back-ldbm/passwd.c 2003/03/20 13:56:09 >@@ -38,8 +38,8 @@ > struct berval id = { 0, NULL }; > struct berval new = { 0, NULL }; > >- struct berval dn; >- struct berval ndn; >+ struct berval dn = { 0, NULL }; >+ struct berval ndn = { 0, NULL }; > > assert( reqoid != NULL ); > assert( strcmp( LDAP_EXOP_MODIFY_PASSWD, reqoid ) == 0 );
changed notes changed state Test to Release
Hi, Works for me now. On Sat, Mar 22, 2003 at 03:35:43PM +0000, Kurt D. Zeilenga wrote: > Fixed in HEAD, please test. Thanks, Kurt -- Thanks, Ralf
changed notes changed state Release to Closed
moved from Software Bugs to Archive.Software Bugs
fixed in HEAD fixed in re21