[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#5934) NULL pointer usage in ldap_new_connection(), causes segmentation fault
Full_Name: Brad Plank
Version: 2.4.13
OS: FreeBSD
URL: ftp://ftp.openldap.org/incoming/brad-plank-090209.patch
Submission from: (NULL) (199.120.225.110)
NULL pointer usage in:
LDAPConn *
ldap_new_connection( LDAP *ld, LDAPURLDesc **srvlist, int use_ldsb,
int connect, LDAPreqinfo *bind )
...
if ( lc->lconn_server->lud_exts ) {
...
The below patch is to fix this issue, since the pointer "lconn_server" should
only be used when "connect" is non-zero:
==================================================================
--- libraries/libldap/request.c.orig 2008-11-07 20:15:17.000000000 -0500
+++ libraries/libldap/request.c 2009-02-09 11:01:56.000000000 -0500
@@ -452,9 +452,9 @@ ldap_new_connection( LDAP *ld, LDAPURLDe
ldap_pvt_thread_mutex_unlock( &ld->ld_conn_mutex );
#endif
- if ( lc->lconn_server->lud_exts ) {
-#ifdef HAVE_TLS
if ( connect ) {
+#ifdef HAVE_TLS
+ if ( lc->lconn_server->lud_exts ) {
int rc, ext = find_tls_ext( lc->lconn_server );
if ( ext ) {
LDAPConn *savedefconn;
==================================================================
I, Brad Plank, hereby place the following modifications to OpenLDAP Software
(and only these modifications) into the public domain. Hence, these
modifications may be freely used and/or redistributed for any purpose with or
without attribution and/or other notice.