Carsten.Agger@tietoenator.com wrote:
We have found a bug in libraries/libldap/result.c which may cause an infinite loop in some situations.
The error is this, in the function wait4msg():
if ( rc == LDAP_MSG_X_KEEP_LOOKING && tvp != NULL ) { tmp_time = time( NULL ); tv0.tv_sec -= ( tmp_time - start_time ); if ( tv0.tv_sec <= 0 ) { rc = 0; /* timed out */ ld->ld_errno = LDAP_TIMEOUT; break; } tv.tv_sec = tv0.tv_sec; ... }
The problem is this: The check ( tv0.tv_sec <= 0 ) is always true, since tv_sec (on our system, at least) is an unsigned int.
The problem is fixed by casting it to int:
if ( (int) tv0.tv_sec <= 0 ) { ... }however this might not be the most suitable way to fix it.
On 32 bit Linux, it is defined as long. In any case, ((unsigned) <= 0) is not always true; it's only true when ( == 0), because an unsigned cannot be negative. The solution rather consists in testing if the value of tv_sec would be negative after subtracting ( tmp_time - start_time ).
Please file a bug, and state what's your system.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ------------------------------------------ Office: +39.02.23998309 Mobile: +39.333.4963172 Email: pierangelo.masarati@sys-net.it ------------------------------------------