https://bugs.openldap.org/show_bug.cgi?id=9743

Issue ID: 9743 Summary: LDAP_OPT_SOCKET_BIND_ADDRESSES - sin_port is not initialized Product: OpenLDAP Version: 2.5.6 Hardware: All OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: libraries Assignee: bugs@openldap.org Reporter: dg0319q@gmail.com Target Milestone: ---

When LDAP_OPT_SOCKET_BIND_ADDRESSES is set, and ldap_search_s is being called, valgrind detects uninitialised value (ip4addr.sin_port).

Valgrind log: =52721== Syscall param socketcall.bind(my_addr.sin_port) points to uninitialised byte(s) ==52721== at 0x54C7F2B: bind (syscall-template.S:120) ==52721== by 0x52434A5: ldap_connect_to_host (in /usr/lib/x86_64-linux-gnu/libldap-2.5.so.0.1.1) ==52721== by 0x52352CD: ldap_int_open_connection (in /usr/lib/x86_64-linux-gnu/libldap-2.5.so.0.1.1) ==52721== by 0x524875B: ldap_new_connection (in /usr/lib/x86_64-linux-gnu/libldap-2.5.so.0.1.1) ==52721== by 0x523494D: ldap_open_defconn (in /usr/lib/x86_64-linux-gnu/libldap-2.5.so.0.1.1) ==52721== by 0x52493F7: ldap_send_initial_request (in /usr/lib/x86_64-linux-gnu/libldap-2.5.so.0.1.1) ==52721== by 0x52387E7: ldap_search (in /usr/lib/x86_64-linux-gnu/libldap-2.5.so.0.1.1) ==52721== by 0x52388AD: ldap_search_s (in /usr/lib/x86_64-linux-gnu/libldap-2.5.so.0.1.1) ==52721== by 0x28565F: check_ldap (simple.c:83) ==52721== Address 0x1ffeff6122 is on thread 1's stack ==52721== in frame #1, created by ldap_connect_to_host (???:) ==52721== Uninitialised value was created by a stack allocation ==52721== at 0x5242DE0: ldap_connect_to_host (in /usr/lib/x86_64-linux-gnu/libldap-2.5.so.0.1.1)

Looks like, the ip4addr.sin_port should be set to 0 in ldap_connect_to_host. It works, but it looks like it is a bug, and may fail under other circumstances.