[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#8046) query caused slapd to stop
Howard Chu wrote:
> Ryan Tandy wrote:
>> Hi again,
>>
>> 9d9913392a0346e23f07e65d7d0964c84e2c1277 is the first bad commit
>> commit 9d9913392a0346e23f07e65d7d0964c84e2c1277
>> Author: Howard Chu <hyc@openldap.org>
>> Date: Thu Sep 18 02:06:38 2014 +0100
>>
>> ITS#7942 plug leak in controls
>>
>> Reverting 8bdd54c and 9d99133 fixes the crash.
>>
>> I suppose it should probably get a CVE, and so on...
>>
> git history shows vrFilter_free has been broken ever since Kurt wrote it in
> 2002. Which pretty much means it was never getting called until #7942 plugged
> that memory leak.
>
For future reference, this was registered as CVE-2015-1546
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/