[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: segfault in ldap_back_search() with ENABLE_REWRITE (ITS#2825)

To: openldap-its@OpenLDAP.org
Subject: Re: segfault in ldap_back_search() with ENABLE_REWRITE (ITS#2825)
From: ando@sys-net.it
Date: Thu, 13 Nov 2003 19:37:07 GMT

> Pierangelo Masarati wrote:
>
>>I suggest this patch for OPENLDAP_REL_ENG_2_1 and next 2.1 release.
>>
>>ftp://ftp.openldap.org/incoming/its-2825.patch
>>
>>Ando.
>>
>>
> Why do you say that it should not happen ??
> Is it not allowed to do SASL bind on subordinate back-ldap ?  Am I doing
>  something wrong ?

In my opinion, an empty DN is represented by a berval
with 0 length pointing to a "".  Everything else is wrong.
Besides, it's unclear to me what a base has to do with
sasl auth{c|z}

> What about filterstr ? it too is passed as NULL by slap_sasl2dn() and
> derefenenced unconditionally.

where?  In any case, one of the reasons of using bervals
instead of char*s was exactly to avoid having to check for
NULL pointers and calling strlen() all the times.  Now
all struct berval*s should be assert()ed, and a null
berval'ed field should be tested as bv->bv_val == NULL while
an empty one should be tested as bv->bv_len != 0.  In my
opinion, a NULL base is totally meaningless; an empty base
makes sense.

p.

-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it

Prev by Date: RE: segfault in ldap_back_search() with ENABLE_REWRITE (ITS#2825)
Next by Date: Re: segfault in ldap_back_search() with ENABLE_REWRITE (ITS#2825)
Index(es):
- Chronological
- Thread