https://bugs.openldap.org/show_bug.cgi?id=9922
Issue ID: 9922 Summary: Uninitialized value reading in clients/tools/common.c:tool_bind() Product: OpenLDAP Version: 2.6.3 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: client tools Assignee: bugs@openldap.org Reporter: dpa-openldap@aegee.org Target Milestone: ---
One possible flow in https://git.openldap.org/openldap/openldap/-/blob/master/clients/tools/commo... is:
int err; if ( result ) { rc = ldap_parse_result( ld, result, &err, &matched, &info, &refs, &ctrls, 1 ); if ( rc != LDAP_SUCCESS ) { tool_perror( "ldap_bind parse result", rc, NULL, matched, info, refs ); tool_exit( ld, LDAP_LOCAL_ERROR ); } }
if ( err != LDAP_SUCCESS …
When result is NULL, err is not initialized, and the last line reads uninitialized value.
https://bugs.openldap.org/show_bug.cgi?id=9922
Howard Chu hyc@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |INVALID Status|UNCONFIRMED |RESOLVED
--- Comment #1 from Howard Chu hyc@openldap.org --- Cannot happen. All preceding cases that fail to retrieve result invoke tool_exit() and never return.
https://bugs.openldap.org/show_bug.cgi?id=9922
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords|needs_review | Status|RESOLVED |VERIFIED
-
openldap-its@openldap.org