hyc@symas.com wrote:
Howard Chu wrote:
jgilmour@techsmog.com wrote:
Full_Name: Josh Gilmour Version: ldapsearch 2.3.43 (Nov 29 2010 03:47:14) OS: CentOS release 5.4 32bit URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (38.112.23.58)
I get a segfault when using the following command and applying a filter file. If we remove the -f, the command runs properly. It doesn't seem to be a major security issue (or one at all, I'm not sure), but it does seem to be a bug I believe...
OpenLDAP 2.3 is no longer supported. If you can reproduce this bug in a current release please followup with the relevant stack trace, otherwise this ITS will be closed. Currently I see no such symptom in 2.4.x.
Valgrind disagreed with me, the bug was still present in 2.4. Fixed in HEAD.
But the fix needs some more thought. I don't believe this combination of options actually makes any sense; we should probably just disallow it.