Re: crasher in SASL authorization code (ITS#2234)



I can stop slapd crashing by making a copy of "in" in 
slap_sasl_canonicalize():

Index: sasl.c
===================================================================
RCS file: /repo/OpenLDAP/pkg/ldap/servers/slapd/sasl.c,v
retrieving revision 1.134
diff -u -r1.134 sasl.c
--- sasl.c      4 Dec 2002 03:13:20 -0000       1.134
+++ sasl.c      12 Dec 2002 06:52:44 -0000
@@ -658,9 +658,16 @@
         * conflict with slap_sasl_authorize's use of this temp var.
         */
        if ( flags == SASL_CU_AUTHID ) {
+               conn->c_sasl_dn.bv_val = ch_strdup((char *)in);
-               conn->c_sasl_dn.bv_val = (char *) in;
        } else if ( flags == SASL_CU_AUTHZID && conn->c_sasl_dn.bv_val ) {
                rc = strcmp( in, conn->c_sasl_dn.bv_val );
+               ch_free(conn->c_sasl_dn.bv_val);
                conn->c_sasl_dn.bv_val = NULL;
                /* They were equal, no work needed */
                if ( !rc ) goto done;
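
Review bot: In the SASL_CU_AUTHID branch, the ch_strdup() copy is assigned over conn->c_sasl_dn.bv_val without releasing whatever was stored there, and the only ch_free() visible in this hunk is in the SASL_CU_AUTHZID branch. If the AUTHID path runs again before an AUTHZID call, or no AUTHZID call follows at all, the earlier copy is leaked. Suggest freeing a non-NULL bv_val before the assignment, e.g. `if ( conn->c_sasl_dn.bv_val ) ch_free( conn->c_sasl_dn.bv_val );`, and checking that the connection teardown path releases it too, since the field now owns heap memory instead of borrowing `in`. The comment above the branch should also be updated to say the field holds an owned copy.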

Not sure whether this is leaky or the right fix, but it at
least stops slapd crashing...

-- Luke
--
Luke Howard | PADL Software Pty Ltd | www.padl.com