Re: (ITS#6371) problem with ber_flatten2

dave.daugherty@centrify.com writes:

Version: 2.2.6 and 2.4.17

This bug was fixed in OpenLDAP 2.4.18.

1. Is the zero terminator really necessary?

Yes. Much OpenLDAP code expects bervalues to be \0-terminated. lber.h now has a LBER_BV_NOTERM flag for not \0-terminating it.

2. If so, seems like it should only be done if we actually allocated

a new buffer (which does leave one byte at the end).

That would have been a cleaner default for the input value, but not for the output value:-( In any case, this function was probably first written for internal use - for accessing a BerElement. That code does deal with \0-termination.

This quirk should be documented though. Currently ber_flatten is not documented at all.