[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: overflows in back-passwd/search.c function pw2entry() (ITS#2046)

To: openldap-its@OpenLDAP.org
Subject: Re: overflows in back-passwd/search.c function pw2entry() (ITS#2046)
From: Kurt@OpenLDAP.org
Date: Tue, 27 Aug 2002 02:10:49 GMT

Fixed in HEAD.

At 02:03 AM 2002-08-26, rhafer@suse.de wrote:
>Full_Name: Ralf Haferkamp
>Version: 2.0.X, HEAD
>OS: 
>URL: ftp://ftp.openldap.org/incoming/
>Submission from: (NULL) (213.95.15.201)
>
>
>Overflows via sprintf() and strcpy()/strcat(). Could use snprintf(). Even if the
>input is from passwd-file it may overflow since some parts are usercontrolled
>(e.g. gecos).

Prev by Date: Re: err=20 when rdn attr name is different that attr name in object (ITS#1997)
Next by Date: back-bdb resource leak (ITS#2040)
Index(es):
- Chronological
- Thread