[Date Prev][Date Next] [Chronological] [Thread] [Top]

Possible bug in ldap_get_values_len?

Hello all,

I was mucking around with OpenLDAP and noticed that ldap_get_values_len
was returning NULL without setting a corresponding error code.  Intruiged
by this behavior, I did some debugging, and found that it was doing so
on nsslapd-referral as generated by a Fedora 1.2.5 or 1.2.6 directory server
for the cn=config entry (I haven't checked anywhere else yet).  Here
is a fragment of the byte sequence in ber_buf that was causing this:


I checked some other code, ldapvi works around this by checking if the return
value of ldap_get_values_len is NULL before using it, but it doesn't seem to
do so consistently, and an old version of the code had this to say:

    struct berval **values = ldap_get_values_len(ld, entry, ad);
    struct berval **ptr;

    if (!values) continue; /* weird server */

I've also posted to 389-users [1], in Fedora Directory Server spitting out
malformed data.  But in that case, OpenLDAP should give me an error code,
or work around it, or something.


[1] http://lists.fedoraproject.org/pipermail/389-users/2010-October/012320.html