
Re: (ITS#8240) OpenLDAP ber_get_next denial of service vulnerability

h.b.furuseth@usit.uio.no wrote:
> On 12/09/15 16:24, michael@stroeder.com wrote:
>> I've compiled with CFLAGS="-DNDEBUG" (also tried CPPFLAGS) but this did not
>> help. slapd still crashes when hitting the assert.
> Yes, portable.h #undefs it by default.  OpenLDAP has always conflated
> logging, debug output and asserts behind LDAP_DEBUG.  We've been saying
> for some time that we really ought to do something about that someday...

Yes, and that's more obviously a bug that we can fix.

> Even ignoring that, demanding -NDEBUG is backwards in so many ways:
> Using C's features like <assert.h> is not the user's job, it's
> OpenLDAP's (i.e. configure and portable.hin).  The person building
> OpenLDAP might not even be a C programmer who knows about the C
> language quirk that it has a feature that makes errors crash by default.

It is standard practice in C code. assert() and NDEBUG are part of the C
standard. A person who doesn't know C has no business building the code.
Certainly the libraries are of no use to them if they're not C programmers.

> A simple "./configure --prefix=/whatever" ought to be a reasonable way
> to build OpenLDAP, like with most other packages.  There are
> installation instructions and they do not mention NDEBUG.
> In particular since this isn't even about catching a bug in OpenLDAP,
> but in the input.  If someone wants to crash-debug the input to slapd,
> let him #define something when building slapd.  You could replace the
> assert() with debug_assert() or something.  The same goes for any
> other assert which doesn't mean "assert(the code is correct)".

Every use of assert is "assert(the code is correct)" - but that often depends
on dynamic state, not just the statically written code. Just like
"assert(SOCKBUF_VALID(sb))" or whatever else. That is the case for the assert
in question here.

   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/
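The thread above turns on the difference between an assert() that guards an internal invariant ("the code is correct") and a check on untrusted input, which must survive an NDEBUG build and must never take the process down. The following is an added illustration, not OpenLDAP's code and not the ber_get_next logic under discussion: it decodes a constructed toy frame format (one tag byte, one length byte, payload), reports malformed input through a return code, and reserves assert() for a postcondition that can only fail on a programming error. The names `frame_decode`, `frames_in_stream`, `MAX_PAYLOAD` and the sample byte strings are assumptions made for this example.

```c
/* Added example (not OpenLDAP code): untrusted input gets error returns,
 * assert() is reserved for internal invariants.
 * Constructed frame format: [tag][len][payload ... len bytes]. */
#include <assert.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum frame_rc { FRAME_OK = 0, FRAME_ERR_TRUNCATED = -1, FRAME_ERR_BADLEN = -2 };

/* Upper bound on a single payload (assumed limit for this example). */
#define MAX_PAYLOAD 64

struct frame {
    uint8_t tag;
    size_t len;
    const uint8_t *payload;
};

/* Constructed sample inputs. */
static const uint8_t SAMPLE_STREAM[]    = {0x30, 0x02, 0xAA, 0xBB, 0x04, 0x01, 0xCC}; /* two frames */
static const uint8_t SAMPLE_TRUNCATED[] = {0x30, 0x05, 0xAA}; /* claims 5 payload bytes, has 1 */
static const uint8_t SAMPLE_OVERSIZED[] = {0x30, 0xFF};       /* length exceeds MAX_PAYLOAD */

/* Decodes one frame from untrusted bytes.
 * Every property of the input is checked with an ordinary branch and an
 * error code: a malformed frame is an expected condition, not a bug. */
int frame_decode(const uint8_t *buf, size_t buflen, struct frame *out)
{
    /* Caller contract, not input validation: a NULL here is a bug in
     * the calling code, which is exactly what assert() is for. */
    assert(buf != NULL && out != NULL);

    if (buflen < 2)
        return FRAME_ERR_TRUNCATED;
    size_t len = buf[1];
    if (len > MAX_PAYLOAD)
        return FRAME_ERR_BADLEN;
    if (buflen - 2 < len)
        return FRAME_ERR_TRUNCATED;

    out->tag = buf[0];
    out->len = len;
    out->payload = buf + 2;

    /* Postcondition on our own bookkeeping: the payload lies inside the
     * buffer. The checks above guarantee it, so this can only fail if the
     * code is wrong. It disappears under NDEBUG without weakening the
     * input checks, which are plain C branches. */
    assert(out->payload + out->len <= buf + buflen);
    return FRAME_OK;
}

/* Convenience wrapper returning only the status code. */
int decode_rc(const uint8_t *buf, size_t buflen)
{
    struct frame f;
    return frame_decode(buf, buflen, &f);
}

/* Counts well-formed frames in a concatenated stream, stopping at the
 * first malformed one instead of aborting the process. */
size_t frames_in_stream(const uint8_t *buf, size_t buflen)
{
    size_t count = 0, off = 0;
    while (off < buflen) {
        struct frame f;
        if (frame_decode(buf + off, buflen - off, &f) != FRAME_OK)
            break;
        off += 2 + f.len;
        count++;
    }
    return count;
}

/* Reports whether assert() is live in this translation unit. */
int asserts_enabled(void)
{
#ifdef NDEBUG
    return 0;
#else
    return 1;
#endif
}

int main(void)
{
    printf("asserts enabled: %d\n", asserts_enabled());
    printf("frames in sample stream: %zu\n", frames_in_stream(SAMPLE_STREAM, sizeof SAMPLE_STREAM));
    printf("truncated -> %d, oversized -> %d\n",
           decode_rc(SAMPLE_TRUNCATED, sizeof SAMPLE_TRUNCATED),
           decode_rc(SAMPLE_OVERSIZED, sizeof SAMPLE_OVERSIZED));
    return 0;
}
```

Compiling the same file with and without `-DNDEBUG` changes only whether the two assert() lines exist; the truncated and oversized samples are rejected by return code in both builds, which is the property a network-facing parser needs regardless of how the package was configured.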