[Date Prev][Date Next] [Chronological] [Thread] [Top]

SLAPD coredump in saslauthz.c



Changes recently committed to servers/slapd/saslauthz.c cause slapd to
coredump while parsing sasl-regexp clauses in slapd.conf.

The cause seems to be an un-initialised variable, `reg'. The appended
patch prevents the crash. I have not yet verified the operation of the
rest of the code.

The changes were made partly in reponse to ITS#1951 so I have appended
the patch to that ticket.

Andrew
-- 
-----------------------------------------------------------------------
|                 From Andrew Findlay, Skills 1st Ltd                 |
| Consultant in large-scale systems, networks, and directory services |
|        Andrew.Findlay@skills-1st.co.uk       +44 1628 782565        |
-----------------------------------------------------------------------

--- saslauthz.c.dist	Mon Aug  5 22:40:08 2002
+++ saslauthz.c	Wed Aug  7 17:04:36 2002
@@ -196,8 +196,12 @@
 	int rc;
 	SaslRegexp_t *reg;
 
+	/* Make space in array for another sasl-regex structure */
 	SaslRegexp = (SaslRegexp_t *) ch_realloc( (char *) SaslRegexp,
 	  (nSaslRegexp + 1) * sizeof(SaslRegexp_t) );
+
+	/* Point to the new slot in the array */
+	reg = SaslRegexp + (nSaslRegexp * sizeof(SaslRegexp_t));
 
 	reg->sr_match = ch_strdup( match );
 	reg->sr_replace = ch_strdup( replace );