[Date Prev][Date Next] [Chronological] [Thread] [Top]

overflows in back-passwd/search.c function pw2entry() (ITS#2046)

To: openldap-its@OpenLDAP.org
Subject: overflows in back-passwd/search.c function pw2entry() (ITS#2046)
From: rhafer@suse.de
Date: Mon, 26 Aug 2002 09:03:14 GMT

Full_Name: Ralf Haferkamp
Version: 2.0.X, HEAD
OS: 
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (213.95.15.201)


Overflows via sprintf() and strcpy()/strcat(). Could use snprintf(). Even if the
input is from passwd-file it may overflow since some parts are usercontrolled
(e.g. gecos).

Prev by Date: Re: configure fails to recognize Berkeley db-4.0 (ITS#2045)
Next by Date: Fwd: Re: err=20 when rdn attr name is different that attr name in object (ITS#1997)
Index(es):
- Chronological
- Thread