note a potential problem

diff --git a/servers/slapd/sasl.c b/servers/slapd/sasl.c
index 8149e7336fb78546d52dfe300f26fc5fe9225a42..9f3046718f96b3b3482255dadf694a8623b51e5a 100644 (file)
--- a/servers/slapd/sasl.c
+++ b/servers/slapd/sasl.c
@@ -1794,6 +1794,13 @@ int slap_sasl_getdn( Connection *conn, Operation *op, char *id, int len,
                len = dn->bv_len + sizeof("uid=")-1 + sizeof(",cn=auth")-1;
 
                /* username may have embedded realm name */
+               /* FIXME:
+                * 1) userids can legally have embedded '@' chars
+                * 2) we're mucking with memory we do not possess
+                * 3) this should not be required, since we're 
+                *    mostly doing strncpy's so we know how much
+                *    memory to copy ...
+                */
                if( ( realm = strchr( dn->bv_val, '@') ) ) {
                        *realm++ = '\0';
                        len += sizeof(",cn=")-2;
@@ -1842,7 +1849,7 @@ int slap_sasl_getdn( Connection *conn, Operation *op, char *id, int len,
                LDAP_LOG( TRANSPORT, ENTRY, 
                        "slap_sasl_getdn: u:id converted to %s.\n", dn->bv_val, 0, 0 );
 #else
-               Debug( LDAP_DEBUG_TRACE, "getdn: u:id converted to %s\n", dn->bv_val,0,0 );
+               Debug( LDAP_DEBUG_TRACE, "slap_sasl_getdn: u:id converted to %s\n", dn->bv_val,0,0 );
 #endif
        } else {