[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: shell-backend/result.c bug

To: Mei-Hui Su <mei@ISI.EDU>
Subject: Re: shell-backend/result.c bug
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Wed, 19 Apr 2000 07:54:38 +0200
Cc: openldap-bugs@OpenLDAP.org
In-reply-to: <200004142135.OAA24293@hammie.isi.edu>

Please file an ITS with a unified diff (-u), thanks.

At 02:35 PM 4/14/00 -0700, Mei-Hui Su wrote:
>
>Hi,
>
>  We found a bug in servers/slapd/back-shell/result.c in 1.2.9 and
>also in 1.2.7 and the development tree. What happens is that when
>buf got 'reallocated', the bp (the buf place pointer) did not get
>moved. This will lead to memory corruption and seg faults. This is 
>the patch for it,
>
>hammie 58% diff new_result.c result.c
>24c24
><       int     bsize, len, offset;
>---
>>       int     bsize, len;
>46d45
><                       offset = (int) (bp - buf);
>48d46
><                       bp = buf + offset;
>
>  We have already double checke the other back-X directory in 
>1.2.7 and 1.2.9 and developement tree. back-ldbm's search.c got
>it correctly. But in the development tree's servers/slapd/back-tcl's
>tcl_modify.c(1) and tcl_util.c(2), there are similar problems.  
>
>mei
>
>

References:
- shell-backend/result.c bug
  - From: Mei-Hui Su <mei@ISI.EDU>

Prev by Date: SASL/TLS command line options for clients/tools/ldap* (ITS#503)
Next by Date: Re: SASL/TLS command line options for clients/tools/ldap* (ITS#503)
Index(es):
- Chronological
- Thread