[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#5692) literal constant 8192 used instead of SLAP_LDAPDN_MAXLEN

To: openldap-its@OpenLDAP.org
Subject: (ITS#5692) literal constant 8192 used instead of SLAP_LDAPDN_MAXLEN
From: andreas.moroder@gmx.net
Date: Tue, 9 Sep 2008 13:08:44 GMT

Full_Name: Andreas Moroder
Version: 2.4.11
OS: Suse Linux 10.2
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (151.47.3.213)


Hello,

in
/servers/slapd/bconfig.c
/libraries/libldap_r/tls.c
/libraries/libldap_r/tls.c
./libraries/liblber/stdio.c
/libraries/liblunicode/ucdata/ucgendat.c
/contrib/slapd-modules/lastmod/lastmod.c

the literal value 8192 is used for array sizes instead of SLAP_LDAPDN_MAXLEN 
8192
defined in /servers/slapd/slap.h  

I think this could become a problem if SLAP_LDAPDN_MAXLEN grows in a future
release.

A question from a newbie:
What happens in a mixed environment with a never version with bigger
SLAP_LDAPDN_MAXLEN that replicates his entries to a version with
SLAP_LDAPDN_MAXLEN at 8192 ?
Isn't it wrong not to check for a buffer owerflow when strings are concantenated
and suppose that the data we use does not exceed the limit ?

Bye
Andreas

Prev by Date: (ITS#5691) malloc withou check
Next by Date: Re: (ITS#5665) slapd crashing with slapo-pcache when using attrset "*"
Index(es):
- Chronological
- Thread