On Fri, Nov 29, 2019 at 09:08:15AM +0000, stephan@srlabs.de wrote:
Unauthenticated remote denial-of-service through malformed ldap packet caused by a null pointer dereference in ber_skip_tag function (libraries/liblber/decode.c).
==4066091== by 0x4FD051: cancel_extop (cancel.c:52)
Hi Stephan, thanks for the report, this should be fixed by commit 1dbf0e9441def3d6dbc0fa8fba3c2e86fa50fa19 in master.
Looks like you are fuzzing the server which has been on my to do list for a while, many thanks for that and I'm looking forward to reading how you did it. Would you be willing to help the project integrate your work in its testing process after you've finished?
Thanks,