[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: program segfaults on ldap_get_values/ldap_get_values_len

On Sat, Mar 08, 2008 at 11:31:40PM -0700, Philip Guenther wrote:
> You passed an invalid 'entry' value to ldap_get_values_len().  Where did 
> that value come from?  (i.e., what's the code that leads up to that call?) 
> Presumably there was a search that ended with an ldap_result() call. 
> What sort of checking of the result of ldap_result() did you perform to 
> handle errors and timeouts?

entry comes from:

  entry = ldap_first_entry(ldap_conn, res);

and res comes from:

  rc = ldap_search_ext_s(ldap_conn, conf.ldap.basedn, LDAP_SCOPE_SUBTREE, filter, NULL, 0, NULL, NULL, NULL, -1, &res);

I check that (rc != LDAP_SUCCESS) and error out of this function if that
is the case and I check that (entry == NULL) and error out of the function
if that is the case.

At one point (I've since taken it out) I was doing an ldap_count_entries()
and getting the proper answer (1 in this case), but aside from that, I don't
know how else to check that entry is valid.

The server is local on the machine, and I'm binding/searching for known things
so I should be getting the proper data, presumably.

"Perl can be fast and elegant as much as J2EE can be fast and elegant.
In the hands of a skilled artisan, it can and does happen; it's just
that most of the shit out there is built by people who'd be better
suited to making sure that my burger is cooked thoroughly."  -- Jonathan Patschke