patch to prevent segmentation fault on joining a very long domain name in samba-3.0.32

[Bhaskar Jain (bhajain)]

Hello Volker,

   I had not tested before with the long domain name after changing
function parameter to "uint8 *"  and now on test joining the very long
domain name results in segmentation fault and core dump , since the
culprit is the automatic conversion of ptr[1] to uint 16 since len is
uint 16 and that is what causes the problem.

So just changing this line   - 

len = ((ptr[0] & 0x3f) << 8) | ptr[1];
 
to 

len = ((ptr[0] & 0x3f) << 8) | (uint8) ptr[1];

solves the problem since now we are now explicitly typecasting ptr[1] to
uint8. Now no seg fault happens. Changing the function parameter to
uint8 is not the solution. Please find the attached diff style patch.
Sorry, I do not have access to git repository. This patch has this line
change in cldap.c.

Do we need to file a bug in bugzilla regarding this segmenatation fault
problem so as to this patch is included. Please advise.
      

Thanks & Regards,
     Bhaskar 
bhajain at ironport.com
 

-----Original Message-----
From: Volker Lendecke [mailto:Volker.Lendecke at SerNet.DE] 
Sent: Monday, March 16, 2009 6:37 PM
To: Bhaskar Jain (bhajain)
Cc: shibp at ironport.com; samba-technical at lists.samba.org
Subject: Re: patch to prevent segmentation fault on joining a very long
domain name in samba-3.0.32

On Mon, Mar 16, 2009 at 06:33:48PM +0530, Bhaskar Jain (bhajain) wrote:
>     If it is safe to change the function parameter to "const uint8 *",

> then it is fine to be changed that way.
>     Please provide your thoughts. 

If it also solves the problem for you, perfect.

Can you provide a git format-patch style patch? This way you get proper
credit in git log.

Thanks,

Volker
-------------- next part --------------
A non-text attachment was scrubbed...
Name: diff
Type: application/octet-stream
Size: 352 bytes
Desc: diff
Url : http://lists.samba.org/archive/samba-technical/attachments/20090318/8622730b/diff.obj