openldap-bugs January 2023

openldap-bugs@openldap.org

1 participants
141 discussions

[Issue 9904] New: A Potential NPD
by openldap-its＠openldap.org 09 Feb '23

09 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9904 Issue ID: 9904 Summary: A Potential NPD Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: 1157401338(a)qq.com Target Milestone: --- Created attachment 911 --> https://bugs.openldap.org/attachment.cgi?id=911&action=edit diagram of NPD Hi, I found a NPD bug in the project source code of ldap, and I have shown the execution sequence of the program that may have generated the bug on a diagram,which is added to the attachment The red text illustrates the steps that created the bug the red arrows represent the call relationships the file path can be seen in the blue framed section. additionally,at step 4 I do not expand more detail about why function ber_memalloc_x can return null(actually it can be seen as function malloc and the reason ber_memalloc_x return null is same with malloc),because there are many code snippet can be found in project source code that judge whether ber_memalloc_x return null and make further process if return value equal to null. I look forward to your reply and thank you very much for your patience! -- You are receiving this mail because: You are on the CC list for the issue.

1 7

[Issue 9901] New: Fix non-standard printf arguments in liblbert and libldap
by openldap-its＠openldap.org 09 Feb '23

09 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9901 Issue ID: 9901 Summary: Fix non-standard printf arguments in liblbert and libldap Product: OpenLDAP Version: 2.6.3 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: michael.osipov(a)siemens.com Target Milestone: --- Created attachment 910 --> https://bugs.openldap.org/attachment.cgi?id=910&action=edit Patch gainst source tarball As a followup to Bug 9898 and Bug 9899 I have played around with LLVM 13 and "-std=c17 -pedantic -Wall" it fails to compile several files. Find a patch attached which makes it standards compliant. -- You are receiving this mail because: You are on the CC list for the issue.

1 6

[Issue 9899] New: "cyrus.c" uses non-portable GNU extension for void pointer arithmetics and fails on HP-UX aCC
by openldap-its＠openldap.org 09 Feb '23

09 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9899 Issue ID: 9899 Summary: "cyrus.c" uses non-portable GNU extension for void pointer arithmetics and fails on HP-UX aCC Product: OpenLDAP Version: 2.6.3 Hardware: All OS: Other Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: michael.osipov(a)siemens.com Target Milestone: --- On HP-UX with cc: HP C/aC++ B3910B A.06.29 [Oct 18 2016] tells me libtool: compile: /opt/aCC/bin/aCC -Ae -g -I../../include -I../../include -I/opt/ports/include -DLDAP_LIBRARY -c cyrus.c -DPIC -o .libs/cyrus.o "cyrus.c", line 420: error #3143: arithmetic on pointer to void or function type memcpy( cb_data + plen, cbv.bv_val, cbv.bv_len ); ^ 1 error detected in the compilation of "cyrus.c". gmake[2]: *** [Makefile:434: cyrus.lo] Error 1 void pointer arithmetics is not valid/undefined and just a GNU extension supported by GCC or clang. I was able to reproduce this on FreeBSD clang version 13.0.0 (git@github.com:llvm/llvm-project.git llvmorg-13.0.0-0-gd7b669b3a303): osipovmi@deblndw011x:~/var/Projekte/openldap-2.6.3/libraries/libldap $ cc -std=c17 -I../../include -I../../include -I/usr/local/include -DLDAP_LIBRARY -c cyrus.c -o cyrus.o -pedantic -Werror cyrus.c:420:18: error: arithmetic on a pointer to void is a GNU extension [-Werror,-Wpointer-arith] memcpy( cb_data + plen, cbv.bv_val, cbv.bv_len ); ~~~~~~~ ^ 1 error generated. I am not a daily C hacker, but I guess cb_data needs to be typed to "unsigned char" just like data from sasl_channel_binding_t (https://github.com/cyrusimap/cyrus-sasl/blob/cb549ef71c5bb646fe583697ebdcab…). Or at least a malloc with an "unsigned char", save the pointer start address, copy the prefix, increment by prefix length, copy the channel binding value and then assign the pointer start address to the output struct. I will unset SASL_CHANNEL_BINDING for now since it is not required in your AD environment when SASL GSSAPI with minssf=1 is set. -- You are receiving this mail because: You are on the CC list for the issue.

1 7

[Issue 9976] New: ldap_sasl_bind_s man page missing details on freeing the returned servercredp parameter
by openldap-its＠openldap.org 09 Feb '23

09 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9976 Issue ID: 9976 Summary: ldap_sasl_bind_s man page missing details on freeing the returned servercredp parameter Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: wmjchs(a)hotmail.com Target Milestone: --- Source code for ldap_sasl_bind_s shows that the parameter is to be freed via ber_bvfree when no longer used. (https://git.openldap.org/openldap/openldap/-/blob/master/libraries/libldap/…) However, the documentation (https://www.openldap.org/software/man.cgi?query=ldap_sasl_bind_s&apropos=0&…) makes no mention of this. The following sources also omitted this information: https://linux.die.net/man/3/ldap_sasl_bind_s https://www.ibm.com/docs/en/i/7.4?topic=ssw_ibm_i_74/apis/ldap_sasl_bind_s.… https://learn.microsoft.com/en-us/windows/win32/api/winldap/nf-winldap-ldap… While the following didn't: https://www.novell.com/documentation/developer/cldap/ldaplibc/data/a401rtp.… https://www.ibm.com/docs/en/zos/2.3.0?topic=routines-ldap-sasl-bind-ldap-sa… https://docs.oracle.com/cd/E19957-01/817-6707/functions.html#wp57022 -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 9957] New: slapo-dynlist manpage needs better description of dynlist-attrset
by openldap-its＠openldap.org 09 Feb '23

09 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9957 Issue ID: 9957 Summary: slapo-dynlist manpage needs better description of dynlist-attrset Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- Each dynlist-attrset defines one of three distinct behaviours: - dynamic list (attributes are gathered from other entries) - dynamic group (DNs are gathered based on other entries) - static group (DNs are gathered based on DNs stored on entries) With the groups possibly being recursive, requiring traversal. Since the above do not mix, the documentation should be more explicit about how each one should look and behave. It should also be noted somewhere what happens (or not) when multiple dynlist-attrset stanzas would apply to the same entry. At that point, configuration code could also be made more strict to reject configurations that satisfy the apparent dynlist-attrset syntax but do not actually represent anything that fits just one of the above and is therefore nonsensical (with parts of it apparently ignored at runtime). With nonsensical configuration rejected, it would be possible to streamline internal dynlist structures and make critical parts of the overlay code more readable. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 9941] New: back-asyncmeta(5) man page has incorrect information
by openldap-its＠openldap.org 09 Feb '23

09 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9941 Issue ID: 9941 Summary: back-asyncmeta(5) man page has incorrect information Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: nivanova(a)symas.com Target Milestone: --- Currently the man page states that asyncmeta selects the connection queue with the least number of pending operations as the next connection, but that was dropped a while ago, and the connections queues are selected round-robin. -- You are receiving this mail because: You are on the CC list for the issue.

1 6

[Issue 9985] New: slapd-modules/passwd/totp does not build .so file
by openldap-its＠openldap.org 09 Feb '23

09 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9985 Issue ID: 9985 Summary: slapd-modules/passwd/totp does not build .so file Product: OpenLDAP Version: 2.6.3 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: contrib Assignee: bugs(a)openldap.org Reporter: bastian-bugopenldap21(a)t6l.de Target Milestone: --- I try to build the contrib module totp from openldap 2.6.3. The README states to run `make` in order to build the dynamic link-able .so file. It does not so on my test system (could be a flaw on the test system though). Many thanks, -- You are receiving this mail because: You are on the CC list for the issue.

1 12

[Issue 9917] New: Remove -h and -p from options[] in client tools
by openldap-its＠openldap.org 09 Feb '23

09 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9917 Issue ID: 9917 Summary: Remove -h and -p from options[] in client tools Product: OpenLDAP Version: 2.6.3 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: client tools Assignee: bugs(a)openldap.org Reporter: daniels.thomas(a)pm.me Target Milestone: --- Created attachment 914 --> https://bugs.openldap.org/attachment.cgi?id=914&action=edit patch for this issue The options -h and -p got removed from client tools (https://bugs.openldap.org/show_bug.cgi?id=8618). However, they were still present in the options[] array in several client tools source files. So, if one of those tools got executed with -h or -p followed by a value, this lead to the error "unrecognized option -", without mentioning which option was problematic. Removing 'h' and 'p' from options[] fixes this. This patch does that. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 9908] New: LDAP* leak in slapd-tester children when retrying a bind
by openldap-its＠openldap.org 09 Feb '23

09 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9908 Issue ID: 9908 Summary: LDAP* leak in slapd-tester children when retrying a bind Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: client tools Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- Happens in lloadd's test002 where the balancer routinely returns BUSY in response to a bind. -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 9860] New: ldapsearch memory leaks
by openldap-its＠openldap.org 09 Feb '23

09 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9860 Issue ID: 9860 Summary: ldapsearch memory leaks Product: OpenLDAP Version: 2.5.12 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: client tools Assignee: bugs(a)openldap.org Reporter: hamano(a)osstech.co.jp Target Milestone: --- When using page control, The control value leaks with each goto getNextPage; loop due to `i` and `nctrl` step back. ``` 1114 getNextPage: ... 1124 save_nctrls = nctrls; 1125 i = nctrls; ``` ``` 1284 if ( ldap_create_page_control_value( ld, 1285 pageSize, &pr_cookie, &c[i].ldctl_value ) ) ``` ``` 1445 /* step back to the original number of controls, so that 1446 * those set while parsing args are preserved */ 1447 nctrls = save_nctrls; ``` ``` 1612 goto getNextPage; ``` -- You are receiving this mail because: You are on the CC list for the issue.

1 4

← Newer
1
...
8
9
10
11
12
13
14
15
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs January 2023