From 6e5ddd64204ba7820d952412f6046271fa16ef98 Mon Sep 17 00:00:00 2001 From: Pierangelo Masarati Date: Sat, 13 Dec 2003 17:21:17 +0000 Subject: [PATCH] note a potential problem --- servers/slapd/sasl.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/servers/slapd/sasl.c b/servers/slapd/sasl.c index 8149e7336f..9f3046718f 100644 --- a/servers/slapd/sasl.c +++ b/servers/slapd/sasl.c @@ -1794,6 +1794,13 @@ int slap_sasl_getdn( Connection *conn, Operation *op, char *id, int len, len = dn->bv_len + sizeof("uid=")-1 + sizeof(",cn=auth")-1; /* username may have embedded realm name */ + /* FIXME: + * 1) userids can legally have embedded '@' chars + * 2) we're mucking with memory we do not possess + * 3) this should not be required, since we're + * mostly doing strncpy's so we know how much + * memory to copy ... + */ if( ( realm = strchr( dn->bv_val, '@') ) ) { *realm++ = '\0'; len += sizeof(",cn=")-2; @@ -1842,7 +1849,7 @@ int slap_sasl_getdn( Connection *conn, Operation *op, char *id, int len, LDAP_LOG( TRANSPORT, ENTRY, "slap_sasl_getdn: u:id converted to %s.\n", dn->bv_val, 0, 0 ); #else - Debug( LDAP_DEBUG_TRACE, "getdn: u:id converted to %s\n", dn->bv_val,0,0 ); + Debug( LDAP_DEBUG_TRACE, "slap_sasl_getdn: u:id converted to %s\n", dn->bv_val,0,0 ); #endif } else { -- 2.39.5