
(ITS#5048) Suspicious use of 'unchecked' limit syncprov

Full_Name: Hallvard B Furuseth
Version: HEAD, RE23
Submission from: (NULL) (
Submitted by: hallvard

overlays/syncprov.c:syncprov_findcsn() sets an unchecked limit to 1.
findcsn_cb() says
	/* We just want to know that at least one exists, so it's OK if
	 * we exceed the unchecked limit or size limit.

This looks like it can return a false positive if two or more other
entries which the filter would eliminate have the same hash as the
value syncprov searches for.

Also syncprov_findcsn() passes fc_limits uninitialized outside of the
.lms_s_unchecked field to slapd.  Valgrind complains in test018 about
.lms_s_pr_hide in back-bdb/search.c:bdb_search().  Tested in HEAD.
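
Added example, not part of the original report and not OpenLDAP code: a toy C model of the false positive described above, where a search that stops at the unchecked limit is read as "at least one match exists". The names toy_search, exists_trusting_limit and exists_verified, the bucket numbers and the CSN strings are all constructed assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Toy model, constructed for illustration; not OpenLDAP code. An equality
 * index maps a value's hash bucket to candidate entries, which remain
 * "unchecked" until the filter is evaluated against each one. */
struct entry { const char *csn; unsigned bucket; };
enum result { FOUND, NOT_FOUND, LIMIT_EXCEEDED };

/* Constructed data: two entries collide in bucket 7, neither is "csn-C". */
static const struct entry sample_db[] = {
    { "csn-A", 7 }, { "csn-B", 7 }, { "csn-D", 3 },
};
#define SAMPLE_N (sizeof sample_db / sizeof sample_db[0])

/* Hypothetical backend search: counts index candidates first and gives up,
 * without running the filter, when they exceed the unchecked limit. */
static enum result toy_search(const char *csn, unsigned bucket, size_t limit)
{
    size_t i, candidates = 0;
    for (i = 0; i < SAMPLE_N; i++)
        if (sample_db[i].bucket == bucket)
            candidates++;
    if (candidates > limit)
        return LIMIT_EXCEEDED;
    for (i = 0; i < SAMPLE_N; i++)
        if (sample_db[i].bucket == bucket && !strcmp(sample_db[i].csn, csn))
            return FOUND;
    return NOT_FOUND;
}

/* Caller that treats "limit exceeded" as proof that a match exists. */
static int exists_trusting_limit(const char *csn, unsigned bucket)
{
    enum result rc = toy_search(csn, bucket, 1);
    return rc == FOUND || rc == LIMIT_EXCEEDED;
}

/* Caller that accepts only a filter-verified match. */
static int exists_verified(const char *csn, unsigned bucket)
{
    return toy_search(csn, bucket, SAMPLE_N) == FOUND;
}

int main(void)
{
    printf("trusting=%d verified=%d\n",
           exists_trusting_limit("csn-C", 7), exists_verified("csn-C", 7));
    return 0;
}
```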