[Date Prev][Date Next]
(ITS#5048) Suspicious use of 'unchecked' limit syncprov
Full_Name: Hallvard B Furuseth
Version: HEAD, RE23
Submission from: (NULL) (126.96.36.199)
Submitted by: hallvard
overlays/syncprov.c:syncprov_findcsn() sets an unchecked limit to 1.
/* We just want to know that at least one exists, so it's OK if
* we exceed the unchecked limit or size limit.
This looks like it can return a false positive if two or more other
entries which the filter would eliminate have the same hash as the
value syncprov searches for.
Also syncprov_findcsn() passes fc_limits uninitialized outside of the
.lms_s_unchecked field to slapd. Valgrind complains in test018 about
.lms_s_pr_hide in back-bdb/search.c:bdb_search(). Tested in HEAD.