(ITS#5934) NULL pointer usage in ldap_new_connection(), causes segmentation fault - openldap-bugs

9 Feb 2009

Full_Name: Brad Plank
Version: 2.4.13
OS: FreeBSD
URL: ftp://ftp.openldap.org/incoming/brad-plank-090209.patch
Submission from: (NULL) (199.120.225.110)
NULL pointer usage in:
LDAPConn *
ldap_new_connection( LDAP *ld, LDAPURLDesc **srvlist, int use_ldsb,
        int connect, LDAPreqinfo *bind )
...
if ( lc->lconn_server->lud_exts ) {
...
The below patch is to fix this issue, since the pointer "lconn_server" should
only be used when "connect" is non-zero:
==================================================================

--- libraries/libldap/request.c.orig    2008-11-07 20:15:17.000000000 -0500
+++ libraries/libldap/request.c 2009-02-09 11:01:56.000000000 -0500
@@ -452,9 +452,9 @@ ldap_new_connection( LDAP *ld, LDAPURLDe
        ldap_pvt_thread_mutex_unlock( &ld->ld_conn_mutex );
 #endif
-       if ( lc->lconn_server->lud_exts ) {
-#ifdef HAVE_TLS
                if ( connect ) {
+#ifdef HAVE_TLS
+               if ( lc->lconn_server->lud_exts ) {
                        int rc, ext = find_tls_ext( lc->lconn_server );
                        if ( ext ) {
                                LDAPConn        *savedefconn;
==================================================================
I, Brad Plank, hereby place the following modifications to OpenLDAP Software
(and only these modifications) into the public domain. Hence, these
modifications may be freely used and/or redistributed for any purpose with or
without attribution and/or other notice.

    