[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#4679) Null pointer dereferences in sortctrl.c

To: openldap-its@OpenLDAP.org
Subject: (ITS#4679) Null pointer dereferences in sortctrl.c
From: ipuleston@sonicwall.com
Date: Thu, 21 Sep 2006 17:47:18 GMT

Full_Name: Ian Puleston
Version: 2.3.27
OS: VxWorks
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (67.115.118.49)


Running Coverity on our code which includes a port of the OpenLDAP client
revealed two potential null pointer dereferences in libldap/sortctrl.c that are
still present in the latest version (currently 2.3.27):

In function ldap_parse_sort_control:

	if (ld == NULL) {
		ld->ld_errno = LDAP_PARAM_ERROR;
		return(ld->ld_errno);
	}

In function ldap_create_sort_control:

	if ( (ld == NULL) || (keyList == NULL) || (ctrlp == NULL) ) {
		ld->ld_errno = LDAP_PARAM_ERROR;
		return(ld->ld_errno);
	}

Both of these cases use the ld pointer after it has been found to be NULL.

Prev by Date: Re: (ITS#4676) Incorrect replog format
Next by Date: (ITS#4682) test3
Index(es):
- Chronological
- Thread