[Issue 10130] New: Several callers of getpassphrase() ignore NULL returns

14 Nov 2023


      https://bugs.openldap.org/show_bug.cgi?id=10130
Issue ID: 10130
           Summary: Several callers of getpassphrase() ignore NULL returns
           Product: OpenLDAP
           Version: 2.6.6
          Hardware: All
                OS: All
            Status: UNCONFIRMED
          Keywords: needs_review
          Severity: normal
          Priority: ---
         Component: slapd
          Assignee: bugs@openldap.org
          Reporter: stacey.marshall@gmail.com
  Target Milestone: ---
getpassphrase(3c) and lutil_getpass() can return NULL to signify
EOF, and in the case of the former for an interrupt or an error.
Several callers fail to check for NULL before calling other functions
which may then cause other issues such as segmentation fault.
A patch in progress treats NULL as EOF and provides an early exit.
```
$ git status --short -uno      
 M clients/tools/common.c
 M clients/tools/ldappasswd.c
 M clients/tools/ldapvc.c
 M servers/slapd/slappasswd.c
 M tests/progs/slapd-tester.c
```
-- 
You are receiving this mail because:
You are on the CC list for the issue.

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[Issue 10130] New: Several callers of getpassphrase() ignore NULL returns