[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#4741) ppolicy.c improperly discards return value of check_password() function



lsherida@nccs.nasa.gov wrote:
> Full_Name: Lee Sheridan
> Version: 2.3.27
> OS: Debian GNU/Linux (etch)
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (69.168.13.7)
> 
> 
> In servers/slapd/overlays/ppolicy.c, check_password_quality function, at
> line 530, the value of the 'ok' variable is discarded by unconditionally
> assigning it the value LDAP_SUCCESS.
> 
> The variable is the return code of the user-defined check_password() function,
> which is assigned at line 522.  The next if-then-else block is checking to
> see if the module reported an error, at which point 'ok' would be assigned
> LDAP_OTHER regardless of what check_password() returned.  A superfluous else
> block appears after this check, assigning 'ok' to LDAP_SUCCESS.
> 
> It works fine for me if I remove the else block.
> 
> Thanks,

A fix has been committed to CVS HEAD.

-- 
   -- Howard Chu
   Chief Architect, Symas Corp.  http://www.symas.com
   Director, Highland Sun        http://highlandsun.com/hyc
   OpenLDAP Core Team            http://www.openldap.org/project/