[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8568) slapd SASL EXTERNAL bind getprop SSF bug; can provoke SEGFAULT

--On Sunday, January 15, 2017 9:15 PM +0000 william.b.clay@acm.org wrote:

> The following patch seems to correct this issue. I have tested it only on
> a Debian Linux amd64 system, OpenLDAP 2.4.44 build from source, running
> with Cyrus SASL 2.1.25 as distributed in Debian Wheezy.
> bill@fuji:/usr/local/src/openldap-2.4.44/servers/slapd$ diff sasl.c.orig
> sasl.c 1501c1501
> < 			sasl_ssf_t ssf = 0;
> ---
>> 			sasl_ssf_t *ssf = NULL;
> 1514c1514
> < 				sasl_setprop( ctx, SASL_SSF_EXTERNAL, &ssf );
> ---
>> 				sasl_setprop( ctx, SASL_SSF_EXTERNAL, ssf );
> bill@fuji:/usr/local/src/openldap-2.4.44/servers/slapd$

Hi Bill,

Thanks very much for the report!  It looks like this was introduced in 
OpenLDAP 2.2.  It's definitely not a common case.  In the future, please 
follow the contribution guidelines documented at 



Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP: