[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5931) back-meta crashes with syncrepl data



----- "Howard Chu" <hyc@symas.com> ha scritto:

> ando@sys-net.it wrote:
> > I'm trying to modify the code in order to compute the size of the
> > SearchResultEntry portion of the message, but again, in some cases,
> the
> > size is computed incorrectly: the computed length is 4 octets
> shorter
> > than what's actually in the packet.
> >
> > One issue seems to be related to the fact that when ber_skip_tag()
> > checks if the length it's computed fits in the ber by calling
> > ber_pvt_ber_remaining(), it doesn't count that earlier calls to
> > ber_read() moved the ber_ptr forward.  The original ber_ptr should
> be saved.
> 
> This sounds wrong; the bytes that ber_read() advanced comprise the
> length 
> bytes, but they're not included in the total that the length is
> counting. 
> Therefore they should not be accounted for here.

But without this fix ber_scanf("l") LBER_ERROR was failing because ber_pvt_ber_remaining(), which is actually ber_end - ber_ptr, is shorter than *len by the bytes that the ber_reads are advancing.  Feel free to back this out, if you're sure it's incorrect.  I'll recheck the syncrepl over back-meta.

p.


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
-----------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Fax:     +39 0382 476497
Email:   ando@sys-net.it
-----------------------------------