[Date Prev][Date Next]
Re: (ITS#8301) signed/unsigned confusion in ber_get_next()
- To: openldap-its@OpenLDAP.org
- Subject: Re: (ITS#8301) signed/unsigned confusion in ber_get_next()
- From: firstname.lastname@example.org
- Date: Thu, 05 Nov 2015 05:33:40 +0000
- Auto-submitted: auto-generated (OpenLDAP-ITS)
On Thu, Nov 05, 2015 at 12:12:26AM +0000, email@example.com wrote:
>Hi, the following will assert in liblber on i386 (and it should be possible to
>craft a similar one for 64bit, I think):
>echo 'CoSSoJKSCg==' | base64 -d | ~/code/openldap/libraries/liblber/etest .
slapd's sane default setting for sb_max_incoming appears to mitigate
most of the potential security impact of this one.