touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #82182
[Bug 1461276] Re: off-by-one in LDIF length
I have run both 2.4.31 and 2.4.40 for a few days, and have only
experienced this type of slapd crash with 2.4.40. That by itself isn't
conclusive though, since memory corruption errors can be sensitive in
how they manifest. Looking at the code briefly, I see that the same off-
by-one error in include/ldif.h is present in the 2.4.31 code (as well as
2.4.28), so the potential for the bug to be expressed is likely there in
the earlier versions as well. I hedge with "likely" because it seems
that there have been many changes made to this part of the code
recently, and I've seen that just reading it briefly can be misleading
when drawing firm conclusions.
The most conservative approach would be just to patch 2.4.40 for now,
unless/until people report this bug in earlier versions. A more
aggressive approach would be to patch 2.4.31 and 2.4.28 and wait for
people to report other things breaking in the earlier versions.
As an aside -- I'm actually building/running the 2.4.40 package on
14.04, not on Wily -- and I have verified that adding the patch to the
package build fixes the bug.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1461276
Title:
off-by-one in LDIF length
Status in openldap package in Ubuntu:
New
Bug description:
Would it be possible to include the patch for ITS#8003 in the next
build of the 2.4.40 package?
http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=patch;h=c8353f7acdec4a42f537b0d475aaae005ba72363
It fixes a bug that causes slapd to crash when the audit log is
enabled and a large base64-encoded attribute is printed.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1461276/+subscriptions
References