mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-02-05 13:40:08 +08:00
Code Issues Packages Projects Releases Wiki Activity

ITS#4467: Fix ptr += snprintf buffer overflow tests (made out-of-range ptr).

Browse Source 
Also avoid a buf[BUFSIZ] initialization.
This commit is contained in:
Hallvard Furuseth 2008-10-24 13:11:10 +00:00
parent 65a390546f
commit 8690650121
1 changed files with 9 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
libraries/libldap/search.c
View File

@ -301,27 +301,25 @@ ldap_build_search_req(
#ifdef LDAP_DEBUG
if ( ldap_debug & LDAP_DEBUG_ARGS ) {
char buf[ BUFSIZ ] = { ' ', '*', '\0' };
char buf[ BUFSIZ ], *ptr = " *";
if ( attrs != NULL ) {
char *ptr;
int i;
int i, len, rest = sizeof( buf );
for ( ptr = buf, i = 0;
attrs[ i ] != NULL && ptr < &buf[ sizeof( buf ) ];
i++ )
{
ptr += snprintf( ptr, sizeof( buf ) - ( ptr - buf ),
" %s", attrs[ i ] );
for ( i = 0; attrs[ i ] != NULL && rest > 0; i++ ) {
ptr = &buf[ sizeof( buf ) - rest ];
len = snprintf( ptr, rest, " %s", attrs[ i ] );
rest -= (len >= 0 ? len : (int) sizeof( buf ));
}
if ( ptr >= &buf[ sizeof( buf ) ] ) {
if ( rest <= 0 ) {
AC_MEMCPY( &buf[ sizeof( buf ) - STRLENOF( "...(truncated)" ) - 1 ],
"...(truncated)", STRLENOF( "...(truncated)" ) + 1 );
}
ptr = buf;
}
Debug( LDAP_DEBUG_ARGS, "ldap_build_search_req ATTRS:%s\n", buf, 0, 0 );
Debug( LDAP_DEBUG_ARGS, "ldap_build_search_req ATTRS:%s\n", ptr, 0,0 );
}
#endif /* LDAP_DEBUG */