Full_Name: Andreas Moroder Version: 2.4.11 OS: Suse Linux 10.2 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (151.47.3.213)
Hello,
in /servers/slapd/bconfig.c /libraries/libldap_r/tls.c /libraries/libldap_r/tls.c ./libraries/liblber/stdio.c /libraries/liblunicode/ucdata/ucgendat.c /contrib/slapd-modules/lastmod/lastmod.c
the literal value 8192 is used for array sizes instead of SLAP_LDAPDN_MAXLEN 8192 defined in /servers/slapd/slap.h
I think this could become a problem if SLAP_LDAPDN_MAXLEN grows in a future release.
A question from a newbie: What happens in a mixed environment with a never version with bigger SLAP_LDAPDN_MAXLEN that replicates his entries to a version with SLAP_LDAPDN_MAXLEN at 8192 ? Isn't it wrong not to check for a buffer owerflow when strings are concantenated and suppose that the data we use does not exceed the limit ?
Bye Andreas