[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Calysto v1.5 reports on openldap_v2.4.4alpha

On Aug 20, 2007, at 12:02 PM, Domagoj Babic wrote:
Could you please check them out and replace ??? with Yes/No, and
if it's a false positive, write a short explanation.

It seems that most (if not all) of this is simply dereferencing the NULL result of a failed malloc (or the like) memory allocation. I don't consider such derefs of NULL to be bugs in OpenLDAP Software as it done intentionally. That is, the expected behavior of OpenLDAP Software, in general, is to failure abruptly upon malloc(3) failure, either by dereferencing NULL or abort(3)ing.

calysto v1.5 on openldap_v2.4.4alpha: ??/20

FYI, 2.4.4 is old code.

-- Kurt