https://bugs.openldap.org/show_bug.cgi?id=10130
--- Comment #4 from Howard Chu hyc@openldap.org --- Still that's an abnormal use case, when an interrupt is the usual way to exit. For abnormal situations, I see nothing wrong with generating a core file.
In this chunk
diff --git a/clients/tools/ldapvc.c b/clients/tools/ldapvc.c index 4f35025ec..badbdb947 100644 --- a/clients/tools/ldapvc.c +++ b/clients/tools/ldapvc.c @@ -309,8 +309,14 @@ main( int argc, char *argv[] ) #endif && !cred.bv_val) { - cred.bv_val = strdup(getpassphrase(_("User's password: "))); - cred.bv_len = strlen(cred.bv_val); + char *userpw = getpassphrase(_("User's password: ")); + if ( userpw == NULL ) /* Allow EOF to exit. */ + { + free( cred.bv_val ); + tool_exit( ld, EXIT_FAILURE ); + } + cred.bv_val = strdup(userpw); + cred.bv_len = strlen(cred.bv_val); }
#ifdef LDAP_API_FEATURE_VERIFY_CREDENTIALS_INTERACTIVE
the free( cred.bv_val ) is unnecessary, since this code is inside an if ( !cred.bv_val ).