[Date Prev][Date Next] [Chronological] [Thread] [Top]

acl.c: string_expand() maybe wrong check for space in buffer (ITS#1963)

Full_Name: Ralf Haferkamp
Version: 2.0.23
OS: Linux
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (

servers/slapd/acl.c line 1536:

    for ( ; size < 512 && i < l; size++, i++ ) {
        *dp++ = match[i];

It tests for size < 512, but dp (newbuf) could be smaller than that.

I think checking for size < bufsize would be the right thing. Similar does it
the code in HEAD (just with a struct berval).