From deee7442b48102e22b835866974876e72c7a68dd Mon Sep 17 00:00:00 2001
From: Howard Chu <hyc@openldap.org>
Date: Mon, 18 Mar 2002 16:16:47 +0000
Subject: [PATCH] Fix ITS#1649, a filter constructed from a BUFSIZ input line
 combined with an argv[] filtpattern will be larger than BUFSIZ.

---
 clients/tools/ldapsearch.c | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/clients/tools/ldapsearch.c b/clients/tools/ldapsearch.c
index a1bfceb468..bf76dbdfdd 100644
--- a/clients/tools/ldapsearch.c
+++ b/clients/tools/ldapsearch.c
@@ -935,7 +935,7 @@ static int dosearch(
 	struct timeval *timeout,
 	int sizelimit )
 {
-	char		filter[ BUFSIZ ];
+	char			*filter;
 	int			rc;
 	int			nresponses;
 	int			nentries;
@@ -946,6 +946,12 @@ static int dosearch(
 	ber_int_t	msgid;
 
 	if( filtpatt != NULL ) {
+		filter = malloc( strlen( filtpatt ) + strlen( value ) );
+		if( filter == NULL ) {
+			perror( "malloc" );
+			return EXIT_FAILURE;
+		}
+
 		sprintf( filter, filtpatt, value );
 
 		if ( verbose ) {
@@ -957,7 +963,7 @@ static int dosearch(
 		}
 
 	} else {
-		sprintf( filter, "%s", value );
+		filter = value;
 	}
 
 	if ( not ) {
@@ -967,6 +973,10 @@ static int dosearch(
 	rc = ldap_search_ext( ld, base, scope, filter, attrs, attrsonly,
 		sctrls, cctrls, timeout, sizelimit, &msgid );
 
+	if ( filtpatt != NULL ) {
+		free( filter );
+	}
+
 	if( rc != LDAP_SUCCESS ) {
 		fprintf( stderr, "%s: ldap_search_ext: %s (%d)\n",
 			prog, ldap_err2string( rc ), rc );
-- 
2.39.5