leitao@debian.org wrote:
Full_Name: Breno Leitao
Version: upstream
OS: Debian
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (32.104.18.202)
Currently, the do_random() function in tests/progs/slapd-mtread.c uses a random number (up to RAND_MAX) to access an array that is much smaller than RAND_MAX, causing a segfault.
This causes a segmentation fault, and more details can be found at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866122
Thanks for the report. I've examined your proposed patch in your Debian bug tracker. It doesn't make much sense though.
The random number is being correctly scaled, line 682:
int r = ((double)nvalues)*rand()/(RAND_MAX + 1.0);
Which means the value of r can only be from 0 to nvalues-1.
And there should be no difference between nvalues and i, since on line 657:
nvalues = ldap_count_entries( ld, res );
Since i is simply iterated through all of the entries in the response, the two values cannot disagree.
Finally, such a simple bug as your patch suggests would have crashed long ago on every other machine/OS, and it has never done so. I don't believe you've identified the actual bug.
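The scaling expression quoted from line 682, exercised at the endpoints of rand()'s range, as an added example that is not part of the original message or of OpenLDAP's code. The function names, the probe values and the explicit guard for a non-positive count are assumptions of this example.

```c
#include <stdio.h>
#include <stdlib.h>

/* Same arithmetic as the quoted line 682, with the rand() result passed
 * in as `raw` so the endpoints can be checked deterministically. */
static int scaled_index(int nvalues, int raw)
{
    return (int)(((double)nvalues) * raw / (RAND_MAX + 1.0));
}

/* Guarded variant (an assumption of this example, not slapd-mtread code):
 * a non-positive count has no valid index, although the bare expression
 * still evaluates to 0 for it. */
static int pick_index(int nvalues, int raw)
{
    int r;
    if (nvalues <= 0 || raw < 0)
        return -1;
    r = scaled_index(nvalues, raw);
    return (r < nvalues) ? r : -1;
}

/* Returns 1 if every probed rand() value maps into [0, nvalues-1]. */
static int sweep_ok(int nvalues)
{
    const int probes[] = { 0, 1, RAND_MAX / 2, RAND_MAX - 1, RAND_MAX };
    size_t k;
    for (k = 0; k < sizeof probes / sizeof probes[0]; k++) {
        int r = pick_index(nvalues, probes[k]);
        if (r < 0 || r >= nvalues)
            return 0;
    }
    return 1;
}

int main(void)
{
    int n;
    for (n = 1; n <= 100000; n *= 10)
        printf("nvalues=%-6d max index=%-6d in range=%d\n",
               n, scaled_index(n, RAND_MAX), sweep_ok(n));
    printf("nvalues=0 bare=%d guarded=%d\n",
           scaled_index(0, RAND_MAX), pick_index(0, RAND_MAX));
    return 0;
}
```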