
Re: (ITS#8714) RFE: Sendout EXTENDED operation message in back-sock



michael@stroeder.com wrote:
> +	/* write out the request to the extended process */
> +	fprintf( fp, "EXTENDED\n" );
> +	fprintf( fp, "msgid: %ld\n", (long) op->o_msgid );
> +	sock_print_conn( fp, op->o_conn, si );
> +	sock_print_suffixes( fp, op->o_bd );
> +	fprintf( fp, "oid: %s\n", op->ore_reqoid.bv_val );
> +  if (op->ore_reqdata) {
> +		fprintf( fp, "valuelen: %lu\n", op->ore_reqdata->bv_len );
> +		fprintf( fp, "value: %s\n", op->ore_reqdata->bv_val );
> +	}
> +	fprintf( fp, "\n" );
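
Review bot: the "value: %s" line prints op->ore_reqdata->bv_val as a C string although the value is length-counted (bv_len is printed on the line above it). Output stops at the first NUL byte, so valuelen no longer matches what follows. Any newline in the value also lands inside a message that is framed by lines and ended by the blank line from the final fprintf( fp, "\n" ). Encode the value (hex or base64) before writing it, and say which length valuelen reports. Separately, bv_len is passed to %lu without a cast, whereas o_msgid is cast to long on the msgid line, and the "if (op->ore_reqdata) {" line is indented with spaces and lacks the "( ... )" spacing the surrounding lines use.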

This isn't safe. The reqdata is binary, not a nul-terminated C string. I 
suppose you could hex or base64-encode it instead.

-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/
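
The encoding suggested in the reply above, as an added example that is not part of the original message or of the back-sock patch. The type `struct binval`, the helper names, and the choice to report the raw byte count in `valuelen` with a base64 `value` are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

struct binval { size_t len; const unsigned char *val; }; /* hypothetical type */
static const char B64[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

/* Base64-encode len bytes into out (NUL-terminated); -1 if out is too small. */
long b64_encode(const unsigned char *in, size_t len, char *out, size_t outsz)
{
    size_t need = 4 * ((len + 2) / 3), i, o = 0;
    if (outsz < need + 1) return -1;
    for (i = 0; i < len; i += 3) {
        unsigned long v = (unsigned long)in[i] << 16;
        if (i + 1 < len) v |= (unsigned long)in[i + 1] << 8;
        if (i + 2 < len) v |= in[i + 2];
        out[o++] = B64[(v >> 18) & 63];
        out[o++] = B64[(v >> 12) & 63];
        out[o++] = (i + 1 < len) ? B64[(v >> 6) & 63] : '=';
        out[o++] = (i + 2 < len) ? B64[v & 63] : '=';
    }
    out[o] = '\0';
    return (long)o;
}

/* Bytes "%s" emits before the first NUL; len if none (real "%s" over-reads). */
size_t percent_s_bytes(const struct binval *v)
{
    const unsigned char *nul = memchr(v->val, 0, v->len);
    return nul ? (size_t)(nul - v->val) : v->len;
}

/* Raw length plus encoded value; no raw NUL or newline reaches the stream. */
int encoded_value_lines(const struct binval *v, char *out, size_t outsz)
{
    char b64[256]; int n;
    if (b64_encode(v->val, v->len, b64, sizeof b64) < 0) return -1;
    n = snprintf(out, outsz, "valuelen: %lu\nvalue: %s\n", (unsigned long)v->len, b64);
    return (n < 0 || (size_t)n >= outsz) ? -1 : n;
}

/* Constructed sample: embedded NUL, then a blank-line sequence. */
static const unsigned char SAMPLE[] = { 'a', 'b', 0x00, '\n', '\n', 'c', 'd' };
static const struct binval SAMPLE_BV = { sizeof SAMPLE, SAMPLE };

int main(void)
{
    char out[128];
    return encoded_value_lines(&SAMPLE_BV, out, sizeof out) > 0 ? fputs(out, stdout) < 0 : 1;
}
```

The receiving process decodes `value` and can check the decoded size against `valuelen` before acting on the request.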