[Date Prev][Date Next]
(ITS#4495) Bad use of lutil_atoi() in str2result()
Full_Name: Hallvard B Furuseth
Version: HEAD, 2.3.13-2.3.21
Submission from: (NULL) (220.127.116.11)
Submitted by: hallvard
slapd/result.c:str2result() uses lutil_atoi() on a result code which is
terminated by newline - which atoi() accepts, but lutil_atoi() does not.
Fix: slapd/result.c 1.292 (reverting 1.276).
The documentation about how to return search results is confusing.
Fix: doc/man/man5/slapd-shell.5 1.17.
Back-shell needs other cleanup, though these are not fatal:
return LDAP_OTHER to client for bad shell script output,
A better variant of the lutil_atoi() call,
strip whitespace from shell output,
remove newlines from log lines,
maybe use existing LDIF input functions (haven't looked yet).