[Date Prev][Date Next] [Chronological] [Thread] [Top]

search_candidates on win32


I can reliably crash slapd on win32 by running a ldapsearch that is not scope == base. CVS-14MAR02

I think the problem is in the search_candidates() function in servers/slapd/back-bdb/search.c ...

static int search_candidates( ... )
        int rc;
        Filter          f, scopef, rf, xf;
        ID              tmp[BDB_IDL_UM_SIZE];
        AttributeAssertion aa_ref;

The declaration 'ID tmp[BDB_IDL_UM_SIZE];' causes a stack overflow.

On my system, this evaluates to 'unsigned long tmp[131070]'.

My question is, isn't that array to big? Can someone shed some light on this?


-- http://linuxquestions.org/ - Ask linux questions, give linux help. http://splint.org/ - Write safe C code. splint source-code analyzer.