[Issue 9578] New: Buffer overflow at libraries/libldap/ldif.c:907 (ldif_read_record)

12 Jun 2021


      https://bugs.openldap.org/show_bug.cgi?id=9578
Issue ID: 9578
           Summary: Buffer overflow at libraries/libldap/ldif.c:907
                    (ldif_read_record)
           Product: OpenLDAP
           Version: unspecified
          Hardware: All
                OS: All
            Status: UNCONFIRMED
          Severity: normal
          Priority: ---
         Component: libraries
          Assignee: bugs@openldap.org
          Reporter: grapvar@gmail.com
  Target Milestone: ---
Created attachment 827
  --> https://bugs.openldap.org/attachment.cgi?id=827&action=edit
fix
libraries/libldap/ldif.c:829
...
/* Squash \r\n to \n */
 if ( len > 1 && line[len-2] == '\r' ) {
   len--;
   line[len-1] = '\n';
 }
may cause buffer overflow at
libraries/libldap/ldif.c:907
...
strcpy( *bufp + lcur, line );
-- 
You are receiving this mail because:
You are on the CC list for the issue.

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[Issue 9578] New: Buffer overflow at libraries/libldap/ldif.c:907 (ldif_read_record)