[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5937) Apparent mistake in ipv6 address handling in tls.c



nick.hudson@isode.com wrote:
> Full_Name: nick hudson
> Version: 2.3.38
> OS: linux
> URL:
> Submission from: (NULL) (62.3.217.250)
>
>
> I think there is a bug in libraries/libldap/tls.c - specifically in this
> section:
>
> #ifdef LDAP_PF_INET6
>          if (name[0] == '['&&  strchr(name, ']')) {
>                  char *n2 = ldap_strdup(name+1);
>                  *strchr(n2, ']') = 2;
>                  if (inet_pton(AF_INET6, n2,&addr))
>                          ntype = IS_IP6;
>                  LDAP_FREE(n2);
>          } else
> #endif
>
> the code is attempting to detect whether part of an LDAP URL represents an IPv6
> address; it passes the string to inet_pton(), after removing square brackets.
> But I think this line:
>
>                  *strchr(n2, ']') = 2;
>
> is wrong: shouldn't it be using 0 instead of 2?
>
> When testing on my local system, using the code above always results in
> inet_pton returning 0 (not an IPv6 address) - if I modify the strchr line to use
> zero instead, then inet_pton returns 1 for valid IPv6 addresses.
>
> I may be missing something - "2" seems a peculiar value to use so perhaps it
> does have some special significance - but I think the code as it stands is
> incorrect.

Nice catch, that's been in there since 2002. Fixed in HEAD.
-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/