Fix segfault in internal function _ldap.str2dn #550

Open
wants to merge 1 commit into
base: main

Member

@tiran tiran commented Nov 15, 2023

l_ldap_str2dn crashes with a NULL pointer deref when an empty string or None is passed in. ldap_bv2dn returns success with NULL dn for an empty berval struct. In debug builds, ldap_bv2dn fails with an assertion error.

The function now returns an empty list for an empty input.

Note: The public API of python-ldap is not affected. The wrapper ldap.dn.str2dn does not pass an empty string to the low-level function.

Fixes: #549

`l_ldap_str2dn` crashes with a NULL pointer deref when an empty string
or None is passed in. `ldap_bv2dn` returns success with NULL dn for an
empty berval struct. In debug builds, `ldap_bv2dn` fails with an
assertion error.

The function now returns an empty list for an empty input.

Note: The public API of python-ldap is not affected. The wrapper
`ldap.dn.str2dn` does not pass an empty string to the low-level
function.

Fixes: python-ldap#549
Signed-off-by: Christian Heimes <cheimes@redhat.com>
@mistotebe
Contributor

ldap_bv2dn() accepts an empty string "", returning a NULL dn which is what l_ldap_str2dn doesn't handle. I admit it's not documented that it's not an empty list (what's expected here). But I think passing None (= NULL) to ldap_bv2dn() should (still) raise an error (ValueError?).

@tiran
Member Author

tiran commented Nov 15, 2023

No, ldap_bv2dn() is not designed to take an empty string as berval input. The code has an assert bvin->bv_val != NULL, which fails and crashes with an empty string when OpenLDAP is compiled with asserts enabled. The ticket has more details.

@tiran
Member Author

tiran commented Nov 15, 2023

The function accepts None because it uses z# to parse the input value. z# accepts a UTF-8 string, bytes-like object, or None.

@mistotebe
Contributor

> No, ldap_bv2dn() is not designed to take an empty string as berval input. The code has an assert bvin->bv_val != NULL, which fails and crashes with an empty string when OpenLDAP is compiled with asserts enabled. The ticket has more details.

You're talking about different things:

  • empty string "" ({ .bv_val = "", .bv_len = 0 })
  • BVNULL ({ .bv_val = NULL, .bv_len = 0 })
  • NULL pointer

The first is allowed, the other two are not.

@mistotebe
Contributor

> The function accepts None because it uses z# to parse the input value. z# accepts a UTF-8 string, bytes-like object, or None.

And what I'm saying is we raise ValueError on None? Others are handled as usual.
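
The three inputs listed in the discussion above and the guard against a NULL dn returned on success, as an added C example that is not python-ldap's or OpenLDAP's code. `berval_model`, `dn_model`, `parse_dn_model` and `str2dn_count` are hypothetical stand-ins, the parser only counts commas, and rejecting the two NULL cases follows the suggestion made in the thread.

```c
#include <stddef.h>

/* Stand-in for OpenLDAP's struct berval: only the two fields named in the thread. */
struct berval_model { size_t bv_len; const char *bv_val; };

/* Stand-in for a parsed DN: just the number of RDNs. */
struct dn_model { int n_rdns; };

enum bv_kind { BV_NULL_POINTER, BV_NULL_VALUE, BV_EMPTY_STRING, BV_NONEMPTY };

/* The three inputs distinguished in the thread, plus the ordinary case. */
enum bv_kind classify_berval(const struct berval_model *bv)
{
    if (bv == NULL) return BV_NULL_POINTER;
    if (bv->bv_val == NULL) return BV_NULL_VALUE;   /* BVNULL */
    if (bv->bv_len == 0) return BV_EMPTY_STRING;    /* "" */
    return BV_NONEMPTY;
}

/* Hypothetical parser modelling the behaviour described in the PR text:
 * status 0 (success) with *dn == NULL for "". Counts commas, no escaping. */
int parse_dn_model(const struct berval_model *bv, struct dn_model *store,
                   struct dn_model **dn)
{
    size_t i;
    if (bv->bv_len == 0) { *dn = NULL; return 0; }
    store->n_rdns = 1;
    for (i = 0; i < bv->bv_len; i++)
        if (bv->bv_val[i] == ',') store->n_rdns++;
    *dn = store;
    return 0;
}

/* Returns the RDN count, 0 for an empty DN, -1 for rejected input. */
int str2dn_count(const struct berval_model *bv)
{
    struct dn_model store, *dn = NULL;
    enum bv_kind kind = classify_berval(bv);
    if (kind == BV_NULL_POINTER || kind == BV_NULL_VALUE)
        return -1;               /* reject before the parser sees it */
    if (parse_dn_model(bv, &store, &dn) != 0)
        return -1;
    if (dn == NULL)              /* success does not imply a non-NULL dn */
        return 0;                /* empty result, nothing dereferenced */
    return dn->n_rdns;
}
```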

Successfully merging this pull request may close these issues.

_ldap.str2dn() segfaults when called with empty string