[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: dnNormalize2 failed assertion (sasl_regexp?)

* Kurt D. Zeilenga (Kurt@OpenLDAP.org) wrote:
> Character strings are expected to be NUL ('\0') terminated
> in OpenLDAP.  When passed in a berval, bv_len should be equal
> to strlen(bv_val).

If I follow things correctly the string is coming from SASL, does that
statement hold over SASL as well?

> The statement is asserting "Is the berval parameter properly formed?".
> The bug is in the function which constructed (or mangled) the berval.

What does that?  From what I can tell it's SASL, or is it in the ldap
libraries and coming from the client?  Of course, if it's the fault of
the client then there's some question as to if LDAP should be crashing
due to this...  DOS possibilities and all that.



Attachment: pgp1ARLdHhmF6.pgp
Description: PGP signature