[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#5934) NULL pointer usage in ldap_new_connection(), causes segmentation fault
bplank@gta.com wrote:
> Full_Name: Brad Plank
> Version: 2.4.13
> OS: FreeBSD
> URL: ftp://ftp.openldap.org/incoming/brad-plank-090209.patch
> Submission from: (NULL) (199.120.225.110)
>
Thanks for the report, now fixed in HEAD and RE24.
> NULL pointer usage in:
> LDAPConn *
> ldap_new_connection( LDAP *ld, LDAPURLDesc **srvlist, int use_ldsb,
> int connect, LDAPreqinfo *bind )
>
> ...
> if ( lc->lconn_server->lud_exts ) {
> ...
>
> The below patch is to fix this issue, since the pointer "lconn_server" should
> only be used when "connect" is non-zero:
>
> ==================================================================
>
> --- libraries/libldap/request.c.orig 2008-11-07 20:15:17.000000000 -0500
> +++ libraries/libldap/request.c 2009-02-09 11:01:56.000000000 -0500
> @@ -452,9 +452,9 @@ ldap_new_connection( LDAP *ld, LDAPURLDe
> ldap_pvt_thread_mutex_unlock(&ld->ld_conn_mutex );
> #endif
>
> - if ( lc->lconn_server->lud_exts ) {
> -#ifdef HAVE_TLS
> if ( connect ) {
> +#ifdef HAVE_TLS
> + if ( lc->lconn_server->lud_exts ) {
> int rc, ext = find_tls_ext( lc->lconn_server );
> if ( ext ) {
> LDAPConn *savedefconn;
>
> ==================================================================
>
> I, Brad Plank, hereby place the following modifications to OpenLDAP Software
> (and only these modifications) into the public domain. Hence, these
> modifications may be freely used and/or redistributed for any purpose with or
> without attribution and/or other notice.
>
>
>
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/