[PATCHES] avoid memory errors with ldb client cookies
jra at samba.org
Fri Mar 18 20:34:10 UTC 2016
On Fri, Mar 18, 2016 at 10:33:06AM +0100, Volker Lendecke wrote:
> On Fri, Mar 18, 2016 at 03:53:22PM +1300, Douglas Bagnall wrote:
> > hi,
> > Ldb has a function int ldb_base64_decode(char *) that decodes a base64
> > string in place and returns the new length (it is always shorter). If
> > the string is not base64, it returns -1. Callers of this function in
> > lib/ldb/common/ldb_controls.c were using the returned value in a
> > talloc_memdup, where the -1 would convert to the largest size_t the
> > machine could imagine. That is very unlikely to be successful.
> > AFAICT, this is only used in lib/ldb/tools/ldb*.c and in Python code.
> R-b me for the first one.
LGTM - pushed the first patch only.
More information about the samba-technical