[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8301) signed/unsigned confusion in ber_get_next()

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#8301) signed/unsigned confusion in ber_get_next()
From: ryan@nardis.ca
Date: Thu, 05 Nov 2015 05:33:40 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

On Thu, Nov 05, 2015 at 12:12:26AM +0000, ondra@mistotebe.net wrote:
>Hi, the following will assert in liblber on i386 (and it should be possible to
>craft a similar one for 64bit, I think):
>
>echo 'CoSSoJKSCg==' | base64 -d | ~/code/openldap/libraries/liblber/etest .

ITYM dtest?

slapd's sane default setting for sb_max_incoming appears to mitigate 
most of the potential security impact of this one.

Prev by Date: (ITS#8301) signed/unsigned confusion in ber_get_next()
Next by Date: Re: (ITS#8267) contributing a new overlay unicodepw
Index(es):
- Chronological
- Thread