[Date Prev][Date Next] [Chronological] [Thread] [Top]

SASL regex lookups not mutex protected (ITS#2505)

Full_Name: Simon Wilkinson
Version: 2.1.17 (but verified in CVS)
OS: Linux
URL: ftp://ftp.openldap.org/incoming/SimonWilkinson-030512.diff
Submission from: (NULL) (

The saslauthz.c file uses a static data structure to store the compilations 
of regular expressions (the SaslRegexp array, and the nSaslRegexp int). 
These variables are not protected from simulatenous access by multiple threads.

Symptoms include corruption of regular expression results, due to the offset 
array being changed mid computation, and segmentation faults due to array

Patch is at the URL given . I wasn't sure of the correct place to add the mutex

defintion - I've put its definition, and initialization in init.c with all the 
others, although it is really local to the saslauthz code.

The patch is against 2.1.17, although the issues appear to still be present in 
2.1.19 and CVS HEAD.