This is a multi-part message in MIME format.
--------------060204070408080909040407
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Here is a patch that intends to fix #6014. getpassphrase() (which in
turn would be a getpass() call, or lutil_getpass() call), returns a
pointer from a static char * pointer, which should never be free()'ed.
Therefore, a strdup() should be called.
Note that, since both getpass() implementation could return NULL, we can
not strdup() directly. Instead, we need to detect whether it's NULL and
handle separately.
--
Xin LI
delphij@delphij.net http://www.delphij.net/
FreeBSD - The Power to Serve!
--------------060204070408080909040407
Content-Type: text/plain;
name="patch-ITS6014"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="patch-ITS6014"
Index: clients/tools/ldapcompare.c
===================================================================
RCS file: /repo/OpenLDAP/pkg/ldap/clients/tools/ldapcompare.c,v
retrieving revision 1.52
diff -u -p -r1.52 ldapcompare.c
--- clients/tools/ldapcompare.c 21 Jan 2009 23:40:09 -0000 1.52
+++ clients/tools/ldapcompare.c 11 Mar 2009 17:22:58 -0000
@@ -182,6 +182,7 @@ main( int argc, char **argv )
{
char *compdn = NULL, *attrs = NULL;
char *sep;
+ const char *passphrase;
int rc;
LDAP *ld = NULL;
struct berval bvalue = { 0, NULL };
@@ -233,7 +234,8 @@ main( int argc, char **argv )
rc = lutil_get_filed_password( pw_file, &passwd );
if( rc ) return EXIT_FAILURE;
} else {
- passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
+ passphrase = getpassphrase( _("Enter LDAP Password: ") );
+ passwd.bv_val = passphrase ? strdup(passphrase) : NULL;
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
}
}
Index: clients/tools/ldapdelete.c
===================================================================
RCS file: /repo/OpenLDAP/pkg/ldap/clients/tools/ldapdelete.c,v
retrieving revision 1.130
diff -u -p -r1.130 ldapdelete.c
--- clients/tools/ldapdelete.c 21 Jan 2009 23:40:09 -0000 1.130
+++ clients/tools/ldapdelete.c 11 Mar 2009 17:22:58 -0000
@@ -162,6 +162,7 @@ int
main( int argc, char **argv )
{
char buf[ 4096 ];
+ const char *passphrase;
FILE *fp;
LDAP *ld;
int rc, retval;
@@ -191,7 +192,8 @@ main( int argc, char **argv )
rc = lutil_get_filed_password( pw_file, &passwd );
if( rc ) return EXIT_FAILURE;
} else {
- passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
+ passphrase = getpassphrase( _("Enter LDAP Password: ") );
+ passwd.bv_val = passphrase ? strdup(passphrase) : 0;
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
}
}
Index: clients/tools/ldapexop.c
===================================================================
RCS file: /repo/OpenLDAP/pkg/ldap/clients/tools/ldapexop.c,v
retrieving revision 1.16
diff -u -p -r1.16 ldapexop.c
--- clients/tools/ldapexop.c 21 Jan 2009 23:40:09 -0000 1.16
+++ clients/tools/ldapexop.c 11 Mar 2009 17:22:58 -0000
@@ -70,6 +70,7 @@ main( int argc, char *argv[] )
LDAP *ld = NULL;
char *matcheddn = NULL, *text = NULL, **refs = NULL;
+ const char *passphrase;
LDAPControl **ctrls = NULL;
int id, code;
LDAPMessage *res;
@@ -91,7 +92,8 @@ main( int argc, char *argv[] )
rc = lutil_get_filed_password( pw_file, &passwd );
if( rc ) return EXIT_FAILURE;
} else {
- passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
+ passphrase = getpassphrase( _("Enter LDAP Password: ") );
+ passwd.bv_val = passphrase ? strdup( passphrase ) : NULL;
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
}
}
Index: clients/tools/ldapmodify.c
===================================================================
RCS file: /repo/OpenLDAP/pkg/ldap/clients/tools/ldapmodify.c,v
retrieving revision 1.209
diff -u -p -r1.209 ldapmodify.c
--- clients/tools/ldapmodify.c 21 Jan 2009 23:40:09 -0000 1.209
+++ clients/tools/ldapmodify.c 11 Mar 2009 17:22:58 -0000
@@ -237,6 +237,7 @@ int
main( int argc, char **argv )
{
char *rbuf = NULL, *rejbuf = NULL;
+ const char *passphrase;
FILE *rejfp;
struct LDIFFP *ldiffp, ldifdummy = {0};
char *matched_msg, *error_msg;
@@ -286,7 +287,8 @@ main( int argc, char **argv )
rc = lutil_get_filed_password( pw_file, &passwd );
if( rc ) return EXIT_FAILURE;
} else {
- passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
+ passphrase = getpassphrase( _("Enter LDAP Password: ") );
+ passwd.bv_val = passphrase ? strdup( passphrase ) : NULL;
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
}
}
Index: clients/tools/ldapmodrdn.c
===================================================================
RCS file: /repo/OpenLDAP/pkg/ldap/clients/tools/ldapmodrdn.c,v
retrieving revision 1.124
diff -u -p -r1.124 ldapmodrdn.c
--- clients/tools/ldapmodrdn.c 21 Jan 2009 23:40:09 -0000 1.124
+++ clients/tools/ldapmodrdn.c 11 Mar 2009 17:22:58 -0000
@@ -151,6 +151,7 @@ int
main(int argc, char **argv)
{
char *entrydn = NULL, *rdn = NULL, buf[ 4096 ];
+ const char *passphrase;
FILE *fp;
LDAP *ld;
int rc, retval, havedn;
@@ -192,7 +193,8 @@ main(int argc, char **argv)
rc = lutil_get_filed_password( pw_file, &passwd );
if( rc ) return EXIT_FAILURE;
} else {
- passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
+ passphrase = getpassphrase( _("Enter LDAP Password: ") );
+ passwd.bv_val = passphrase ? strdup( passphrase ) : NULL;
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
}
}
Index: clients/tools/ldappasswd.c
===================================================================
RCS file: /repo/OpenLDAP/pkg/ldap/clients/tools/ldappasswd.c,v
retrieving revision 1.148
diff -u -p -r1.148 ldappasswd.c
--- clients/tools/ldappasswd.c 7 Mar 2009 23:08:09 -0000 1.148
+++ clients/tools/ldappasswd.c 11 Mar 2009 17:22:59 -0000
@@ -205,8 +205,9 @@ main( int argc, char *argv[] )
if( want_oldpw && oldpw.bv_val == NULL ) {
/* prompt for old password */
- char *ckoldpw;
- oldpw.bv_val = strdup(getpassphrase(_("Old password: ")));
+ const char *oldpassphrase, *ckoldpw;
+ oldpassphrase = getpassphrase(_("Old password: "));
+ oldpw.bv_val = oldpassphrase ? strdup(oldpassphrase) : NULL;
ckoldpw = getpassphrase(_("Re-enter old password: "));
if( oldpw.bv_val == NULL || ckoldpw == NULL ||
@@ -217,7 +218,7 @@ main( int argc, char *argv[] )
goto done;
}
- oldpw.bv_len = strlen( oldpw.bv_val );
+ oldpw.bv_len = oldpw.bv_val ? strlen( oldpw.bv_val ) : 0;
}
if( newpwfile ) {
@@ -230,8 +231,9 @@ main( int argc, char *argv[] )
if( want_newpw && newpw.bv_val == NULL ) {
/* prompt for new password */
- char *cknewpw;
- newpw.bv_val = strdup(getpassphrase(_("New password: ")));
+ const char *newpassphrase, *cknewpw;
+ newpassphrase = getpassphrase(_("New password: "));
+ newpw.bv_val = newpassphrase ? strdup(newpassphrase) : NULL;
cknewpw = getpassphrase(_("Re-enter new password: "));
if( newpw.bv_val == NULL || cknewpw == NULL ||
@@ -242,7 +244,7 @@ main( int argc, char *argv[] )
goto done;
}
- newpw.bv_len = strlen( newpw.bv_val );
+ newpw.bv_len = newpw.bv_val ? strlen( newpw.bv_val ) : 0;
}
if ( pw_file ) {
@@ -253,7 +255,9 @@ main( int argc, char *argv[] )
}
} else if ( want_bindpw ) {
- passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
+ const char *bindpassphrase;
+ bindpassphrase = getpassphrase( _("Enter LDAP Password: ") );
+ passwd.bv_val = bindpassphrase ? strdup(bindpassphrase) : NULL;
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
}
Index: clients/tools/ldapsearch.c
===================================================================
RCS file: /repo/OpenLDAP/pkg/ldap/clients/tools/ldapsearch.c,v
retrieving revision 1.262
diff -u -p -r1.262 ldapsearch.c
--- clients/tools/ldapsearch.c 7 Mar 2009 00:31:34 -0000 1.262
+++ clients/tools/ldapsearch.c 11 Mar 2009 17:22:59 -0000
@@ -718,6 +718,7 @@ int
main( int argc, char **argv )
{
char *filtpattern, **attrs = NULL, line[BUFSIZ];
+ const char *passphrase;
FILE *fp = NULL;
int rc, rc1, i, first;
LDAP *ld = NULL;
@@ -831,7 +832,8 @@ main( int argc, char **argv )
rc = lutil_get_filed_password( pw_file, &passwd );
if( rc ) return EXIT_FAILURE;
} else {
- passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
+ passphrase = getpassphrase( _("Enter LDAP Password: ") );
+ passwd.bv_val = passphrase ? strdup(passphrase) : NULL;
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
}
}
Index: clients/tools/ldapwhoami.c
===================================================================
RCS file: /repo/OpenLDAP/pkg/ldap/clients/tools/ldapwhoami.c,v
retrieving revision 1.50
diff -u -p -r1.50 ldapwhoami.c
--- clients/tools/ldapwhoami.c 21 Jan 2009 23:40:09 -0000 1.50
+++ clients/tools/ldapwhoami.c 11 Mar 2009 17:22:59 -0000
@@ -112,6 +112,7 @@ main( int argc, char *argv[] )
LDAP *ld = NULL;
char *matcheddn = NULL, *text = NULL, **refs = NULL;
char *retoid = NULL;
+ const char *passphrase;
struct berval *retdata = NULL;
int id, code = 0;
LDAPMessage *res;
@@ -134,7 +135,8 @@ main( int argc, char *argv[] )
rc = lutil_get_filed_password( pw_file, &passwd );
if( rc ) return EXIT_FAILURE;
} else {
- passwd.bv_val = getpassphrase( _("Enter LDAP Password: ") );
+ passphrase = getpassphrase( _("Enter LDAP Password: ") );
+ passwd.bv_val = passphrase ? strdup(passphrase) : NULL;
passwd.bv_len = passwd.bv_val ? strlen( passwd.bv_val ) : 0;
}
}
--------------060204070408080909040407--