https://bugs.openldap.org/show_bug.cgi?id=10438
Issue ID: 10438 Summary: Potential Dereference of NULL in ber_bvreplace_x Product: OpenLDAP Version: 2.6.12 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: libraries Assignee: bugs@openldap.org Reporter: mishtitov@gmail.com Target Milestone: ---
Return value of a function `ber_memrealloc_x` is dereferenced at [memory.c:711](https://git.openldap.org/openldap/openldap/-/blob/master/libraries/liblber/m...) withouth checking for NULL, but it is usually checked for this function. Notice that `ber_memrealloc_x()` might return NULL when `realloc()` fails. PLease consider adding a NULL check.
https://bugs.openldap.org/show_bug.cgi?id=10438
Howard Chu hyc@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |TEST Status|UNCONFIRMED |RESOLVED
--- Comment #1 from Howard Chu hyc@openldap.org --- Fixed in git 0e893fd788d28616959f01f63bf2e43e889bf325
https://bugs.openldap.org/show_bug.cgi?id=10438
--- Comment #2 from mishtitov@gmail.com --- Thanks!
https://bugs.openldap.org/show_bug.cgi?id=10438
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords|needs_review | Target Milestone|--- |2.6.13
https://bugs.openldap.org/show_bug.cgi?id=10438
--- Comment #3 from Quanah Gibson-Mount quanah@openldap.org --- head:
• 0e893fd7 by Howard Chu at 2026-02-02T16:49:07+00:00 ITS#10438 liblber: check for realloc failure in ber_bvreplace_x()
RE26:
• 07f28701 by Howard Chu at 2026-02-13T01:15:36+00:00 ITS#10438 liblber: check for realloc failure in ber_bvreplace_x()
https://bugs.openldap.org/show_bug.cgi?id=10438
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED Resolution|TEST |FIXED
https://bugs.openldap.org/show_bug.cgi?id=10438
Howard Chu hyc@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.openldap.org/s | |how_bug.cgi?id=10493
-
openldap-its@openldap.org