Re: (ITS#6946) ldapexop: ber_free_buf: Assertion failed - openldap-bugs

3 Jun 2011


      jvcelak@redhat.com wrote:
...
Full_Name: Jan Vcelak
Version: 2.4.25
OS: Linux
URL: ftp://ftp.openldap.org/incoming/jvcelak-110519-ldapexop-double-free.patch
Submission from: (NULL) (209.132.186.34)
Hello.
A problem with crashing ldapexop was reported to our bugzilla. All versions
since 2.4.24 are affected. It seems that the bug was introduced by following
change in ldapexop.c.
http://www.openldap.org/devel/cvsweb.cgi/clients/tools/ldapexop.c.diff?r1=1....
Easy to reproduce. With clean configuration run:
$ ldapexop -H ldap:// -x whoami
anonymous
ldapexop: ../../../libraries/liblber/io.c:186: ber_free_buf: Assertion
`((ber)->ber_opts.lbo_valid==0x2)' failed.
Aborted
Complete steps to reproduce in Fedora are specified in the original bugreport:
https://bugzilla.redhat.com/show_bug.cgi?id=699683
I think it is cause by double freeing the result. I am attaching a proposed
patch. Please, review my change.
Thank you.
Thanks for the report, patch applied to git.
-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/