[Date Prev][Date Next] [Chronological] [Thread] [Top]

sb_sasl_write doesn't handle partial writes (ITS#2211)



Full_Name: Mattias Ellert
Version: 2.0.22 / 2.0.27 / 2.1.8
OS: linux
URL: http://grid.tsl.uu.se/openldap/
Submission from: (NULL) (130.238.68.12)


We are using version 2.0.22 and found that the SASL authenticated searches
failed if the size of the transferred entries are large. I traced to reason for
this to the fact that the sb_sasl_write function doesn't handle the case when
the ber_pvt_sb_do_write function returns without having written the entire
content of the private SASL buffer correctly.

I downloaded the sources for the more recent versions (2.0.27 and 2.1.8) from
www.openldap.org and saw that the problem still exists.

(My original 2.0.22 patch also fixed the problem with the limited size of the
SASL buffer -- which has been fixed in 2.0.27 and 2.1.8 -- the problem with the
partially written buffer still exists in these versions.)

You can find the patch (for different version) at

http://grid.tsl.uu.se/openldap/openldap-2.0.22.patch
http://grid.tsl.uu.se/openldap/openldap-2.0.27.patch
http://grid.tsl.uu.se/openldap/openldap-2.1.8.patch