[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Bug causing infinite loop in result.c
Carsten.Agger@tietoenator.com wrote:
> We have found a bug in libraries/libldap/result.c which may cause an
> infinite loop in some situations.
>
> The error is this, in the function wait4msg():
>
> if ( rc == LDAP_MSG_X_KEEP_LOOKING && tvp != NULL ) {
> tmp_time = time( NULL );
> tv0.tv_sec -= ( tmp_time - start_time );
> if ( tv0.tv_sec <= 0 ) {
> rc = 0; /* timed out */
> ld->ld_errno = LDAP_TIMEOUT;
> break;
> }
> tv.tv_sec = tv0.tv_sec;
> ...
> }
>
> The problem is this: The check ( tv0.tv_sec <= 0 ) is always true, since tv_sec (on our
> system, at least) is an unsigned int.
>
> The problem is fixed by casting it to int:
>
> if ( (int) tv0.tv_sec <= 0 ) {
> ...
> }
>
> however this might not be the most suitable way to fix it.
On 32 bit Linux, it is defined as long. In any case, ((unsigned) <= 0)
is not always true; it's only true when ( == 0), because an unsigned
cannot be negative. The solution rather consists in testing if the
value of tv_sec would be negative after subtracting ( tmp_time -
start_time ).
Please file a bug, and state what's your system.
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office: +39.02.23998309
Mobile: +39.333.4963172
Email: pierangelo.masarati@sys-net.it
------------------------------------------