[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
urgent: possible bug in ber_get_next()
folks
I have ported the openldap ber encode/decode/io functions
to an embedded operating system, and am seeing HUGE malloc()
failure errors coming from ber_get_next() function.
>From my client, I list a query that lists all users of
an Organization (uid=*), listing > 30,000 users,
and on trying to parse thru the Search Response
for that query, I see mallocs of gigantic size
simetimes > 100M, and failures.
Is there any known bugs in the ber_get_next() function,
and particularly, should I define my own limits such
as the below, espoused in the code below for DOS for
my own OS, before mallocing()?
ber_get_next(....)
{
..
..
..
#if defined( DOS ) && !defined( _WIN32 )
if ( *len > 65535 ) { /* DOS can't allocate > 64K */
return( LBER_DEFAULT );
}
#endif /* DOS && !_WIN32 */
if ( ( sb->sb_options & LBER_MAX_INCOMING_SIZE ) &&
*len > (unsigned long) sb->sb_max_incoming ) {
return( LBER_DEFAULT );
}
if ( (ber->ber_buf = (char *) malloc( (size_t)*len )) == NULL ) {
return( LBER_DEFAULT );
}
ber->ber_ptr = ber->ber_buf;
ber->ber_end = ber->ber_buf + *len;
ber->ber_rwptr = ber->ber_buf;
}
.....
..
}
Please reply at the earliest. Thanks very much in advance
-Murali
muraliv@cisco.com