Full_Name: Quanah Gibson-Mount Version: 2.3.36/HEAD OS: NA URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (71.202.148.128)
back-bdb's filterindex.c has code like the following throughout:
if( rc != LDAP_SUCCESS ) { Debug( LDAP_DEBUG_TRACE, "<= bdb_presence_candidates: (%s) index_param " "returned=%d\n", desc->ad_cname.bv_val, rc, 0 ); return 0; }
if( db == NULL ) { /* not indexed */ Debug( LDAP_DEBUG_TRACE, "<= bdb_presence_candidates: (%s) not indexed\n", desc->ad_cname.bv_val, 0, 0 ); return 0; }
and
if( rc != LDAP_SUCCESS ) { Debug( LDAP_DEBUG_ANY, "<= bdb_equality_candidates: (%s) " "index_param failed (%d)\n", ava->aa_desc->ad_cname.bv_val, rc, 0 ); return 0; }
if ( db == NULL ) { Debug( LDAP_DEBUG_ANY, "<= bdb_equality_candidates: (%s) not indexed\n", ava->aa_desc->ad_cname.bv_val, 0, 0 ); return 0; }
However, if "db" is NULL, bdb_index_param will return LDAP_INAPPROPRIATE_MATCH, which does not equal LDAP_SUCCESS, meaning that the "db == NULL" if statement is never reached. It appears the db==NULL check should be done first.
Possibly, the db==NULL check should be moved before the bdb_index_param call, I can't imagine there's much point in calling the function if it isn't indexed, and the only result is to log an error and return?
--Quanah