[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8240) OpenLDAP ber_get_next denial of service vulnerability

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#8240) OpenLDAP ber_get_next denial of service vulnerability
From: michael@stroeder.com
Date: Sat, 12 Sep 2015 14:24:30 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

hyc@symas.com wrote:
> Our patch response was too hasty. There is no OpenLDAP bug here, the real 
> issue is production binaries being built with asserts enabled instead of 
> compiling with -DNDEBUG. That's an issue for packagers and distros to resolve. 
> Closing this ITS, not an OpenLDAP bug.

I've compiled with CFLAGS="-DNDEBUG" (also tried CPPFLAGS) but this did not
help. slapd still crashes when hitting the assert.

Ciao, Michael.

Prev by Date: Re: (ITS#7964) overlay rwm escape issue with more the 9 rules / rewrite statements
Next by Date: (ITS#8243) LMDB Makefile bug
Index(es):
- Chronological
- Thread