[Bug 1461276] Re: off-by-one in LDIF length
Kartik Subbarao
subbarao at computer.org
Wed Jun 3 14:55:13 UTC 2015
I have run both 2.4.31 and 2.4.40 for a few days, and have only
experienced this type of slapd crash with 2.4.40. That by itself isn't
conclusive though, since memory corruption errors can be sensitive in
how they manifest. Looking at the code briefly, I see that the same off-
by-one error in include/ldif.h is present in the 2.4.31 code (as well as
2.4.28), so the potential for the bug to be expressed is likely there in
the earlier versions as well. I hedge with "likely" because it seems
that there have been many changes made to this part of the code
recently, and I've seen that just reading it briefly can be misleading
when drawing firm conclusions.
The most conservative approach would be just to patch 2.4.40 for now,
unless/until people report this bug in earlier versions. A more
aggressive approach would be to patch 2.4.31 and 2.4.28 and wait for
people to report other things breaking in the earlier versions.
As an aside -- I'm actually building/running the 2.4.40 package on
14.04, not on Wily -- and I have verified that adding the patch to the
package build fixes the bug.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1461276
Title:
off-by-one in LDIF length
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1461276/+subscriptions
More information about the Ubuntu-server-bugs
mailing list