[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#4875) fix for bug in passfile.c -- infinite loop when password file is pipe/FIFO/tty/etc

Full_Name: Mark Seecof
Version: 2.3.34
OS: Linux
URL: ftp://ftp.openldap.org/incoming/MARK-SEECOF-070313.patch
Submission from: (NULL) (

When you ask an OpenLDAP tool such as ldapsearch(1) to read a password from a
file which is a pipe, FIFO, tty/pty, or other special file, the tool will go
into an infinite loop in function lutil_get_filed_password() (from

The problem is a bug in lutil_get_filed_password():  it calls fstat() on the
password file, then enters a loop attempting to read st_size bytes from the file
until it reaches EOF.  For pipes, FIFO's, tty's, etc. st_size is typically 0, so
the loop never finishes--you may read 0 bytes from the file an infinite number
of times without ever reaching the end!  (Actually, fread(,,0,) is a no-op.)

This bug only requires a one-line fix (though I actually propose to change two
lines).  We simply eliminate the check on st_size and attempt to read a
buffer-full of bytes.  The existing code cheerfully copes with that many bytes,
fewer, or more...

(My second change is to the default buffer size, to make it more efficient.)


  echo -n "password" | ldapsearch -U user -Y Digest-MD5 -y /dev/stdin


  mknod pw_fifo p
  echo -n "password" > pw_fifo &
  ldapsearch -U user -Y Digest-MD5 -y pw_fifo '(foo=bar)'

Please retrieve my patch from MARK-SEECOF-070313.patch

I, Mark Seecof, hereby place the modifications to OpenLDAP Software I supply in
MARK-SEECOF-070313.patch (and only these modifications) into the public domain.
Hence, these modifications may be freely used and/or redistributed for any
purpose with or without attribution and/or other notice.