
Re: Segmentation faults and malloc checkers



On Friday 26 April 2002 05:53, Howard Chu wrote:
> Optimization or not, this sounds suspicious to me. Pointing them out would
> be a good start.

sasl_getdn in sasl.c has:
        if( id &&
                ( id[sizeof( "anonymous" )-1] == '\0'
                        || id[sizeof( "anonymous" )-1] == '@' ) &&
                !strncasecmp( id, "anonymous", sizeof( "anonymous" )-1) ) {

If strlen(id)<sizeof("anonymous")-1 then the two subsequent checks read off 
the end of the id string.

For debugging, I've fixed this by changing the first line to:

if (id && strlen(id)>=(sizeof("anonymous")-1) && 

You could also solve it by reordering, so that the strncasecmp comes 
immediately after the test on 'id'.

Cheers,

Simon.

-- 
Simon Wilkinson            <simon@sxw.org.uk>          http://www.sxw.org.uk
"Go not to the elves for counsel, for they will say both yes and no."
-- J.R.R. Tolkien
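
Added example (not part of the original message and not code from sasl.c): the two fixes described above, written as stand-alone C functions and run against constructed ids that are shorter than "anonymous". The function names, macros and sample ids are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>   /* strncasecmp */

#define ANON     "anonymous"
#define ANON_LEN (sizeof(ANON) - 1)   /* 9, excludes the trailing NUL */

/* Variant 1: length guard first. id[ANON_LEN] is only read when the
 * string has at least ANON_LEN characters, so the index is at most the
 * position of the terminating NUL. */
static int is_anon_guarded(const char *id)
{
    return id != NULL
        && strlen(id) >= ANON_LEN
        && (id[ANON_LEN] == '\0' || id[ANON_LEN] == '@')
        && strncasecmp(id, ANON, ANON_LEN) == 0;
}

/* Variant 2: reordered. strncasecmp stops at the first NUL in id, so a
 * short id fails here and && short-circuits before id[ANON_LEN] is read. */
static int is_anon_reordered(const char *id)
{
    return id != NULL
        && strncasecmp(id, ANON, ANON_LEN) == 0
        && (id[ANON_LEN] == '\0' || id[ANON_LEN] == '@');
}

/* Constructed sample ids, including ones shorter than "anonymous". */
static const char *const samples[] = {
    "", "a", "anon", "anonymou", "anonymous", "ANONYMOUS@EXAMPLE.COM",
    "anonymousx", "simon@example.com", NULL
};

/* Returns how many samples both variants accept, or -1 if they disagree. */
static int count_anonymous(void)
{
    int i, n = 0;
    for (i = 0; samples[i] != NULL; i++) {
        int a = is_anon_guarded(samples[i]);
        int b = is_anon_reordered(samples[i]);
        if (a != b)
            return -1;
        n += a;
    }
    return n;
}

int main(void)
{
    printf("accepted %d sample ids\n", count_anonymous());
    return 0;
}
```

Building this with a memory checker such as AddressSanitizer or running it under Valgrind is a quick way to confirm that neither variant reads past the end of a short id.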