[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: found and fixed allocation problem in SRL_ldap.c

To: "Ken Stillson" <stillson@xxxxxxxxxxxx>, <imc-cml@xxxxxxx>
Subject: RE: found and fixed allocation problem in SRL_ldap.c
From: "Nicholas, Richard" <Richard.Nicholas@xxxxxxxxxxxxxxxx>
Date: Tue, 22 Oct 2002 12:03:23 -0400
List-archive: <http://www.imc.org/imc-cml/mail-archive/>
List-id: <imc-cml.imc.org>
List-unsubscribe: <mailto:imc-cml-request@imc.org?body=unsubscribe>
Sender: owner-imc-cml@xxxxxxxxxxxx
Thread-index: AcJv2Z9B3af5yI4ESwWnkFTBGXkjVgKCqLwA
Thread-topic: found and fixed allocation problem in SRL_ldap.c

All,

Thanks, Ken.
This is indeed a bug in CML v2.1.

The v2.1.1 patch containing the fix for this bug should be available
from the web site by tomorrow.

- Rich
---------------------------
Richard E. Nicholas
Principal Secure Systems Engineer
Getronics Government Solutions, LLC
Richard.Nicholas@xxxxxxxxxxxxxxxx
(301) 939-2722

> -----Original Message-----
> From: Ken Stillson [mailto:stillson@xxxxxxxxxxxx] 
> Sent: Wednesday, October 09, 2002 5:18 PM
> To: IMC-CML mailing list
> Subject: found and fixed allocation problem in SRL_ldap.c
> 
> 
> 
> 
>   Hi folks,
> 
>   Just thought I'd pass on what I'm pretty sure is bug-fix 
> for CML 2.1.
> 
>   There's a problem in SRL_ldap.c, that if a URL is passed 
> that does not
>   have a filter, the pointer within the internal structure is 
> directed to a
>   "const static" char string, which causes a fatal memory 
> error when that
>   structure is deallocated.  The solution is just to strdup a 
> copy of the
>   static string so it can be correctly deallocated later.
> 
>   Standard form patch file follows.
>   Best regards,
> 
>     - Ken Stillson
> 
> --
>       |   Ken Stillson             |    stillson@xxxxxxxxxxxx    |
>       |   Sr. Principal Engineer   |    voice: (703) 610-2965    |
>       |   Mitretek Systems         |      fax: (703) 610-2399    |
> 
> 
> --- SRL_ldap.c.orig	2002-07-15 12:45:18.000000000 -0400
> +++ SRL_ldap.c	2002-10-08 16:58:30.000000000 -0400
> @@ -2642,7 +2642,7 @@
> 
>  	// Load in the standard defaults per RFC2255
>  	pDesc->scope = LDAP_SCOPE_BASE;
> -	pDesc->filter = (uchar *)"(objectClass=*)";
> +	//__mts; cannot use const alloc; will cause free error 
> later; see 
> +strdup solution below.  pDesc->filter = (uchar *)"(objectClass=*)";
> 
>  	// Get the DN
>  	dn = strchr(purl, '/');
> @@ -2706,6 +2706,9 @@
>                       SRLi_hex_unescape((char *)pDesc->filter);
>  				 }
>  			} // Endif filter
> +			else { //__mts: if not specific filter 
> found, use default
> +				pDesc->filter = (uchar 
> *)strdup("(objectClass=*)");
> +			}
> 
>  			// Load in the Scope level based on the ascii
>  			if (SRLi_memicmp( scope, "one", 
> strlen("one") ) == 0)
> 
>

Prev by Date: RE: having CML problems with CRL validation
Next by Date: RE: question on multiple CA certs with the same DN
Previous by thread: found and fixed allocation problem in SRL_ldap.c
Next by thread: question on multiple CA certs with the same DN
Index(es):
- Date
- Thread