BUG: Garbage in output buffer when using canonuser_plugin: ldapdb, patch included

Paweł Tomulik ptomulik at meil.pw.edu.pl
Sat Oct 13 07:03:11 EDT 2012


Hi,

I found that there is a problem with ldap-based username canonicalization
(at least in cyrus-sasl-2.1.25).

This happens when the input username is longer than the canonical
user name returned from LDAP (note, there is an exception for
the cases where the attribute defined as canonical name is used
as the entry's RDN).

Consider that we have the original login 12345678@example.tld, for which
the canonical name (e.g. uid) returned from LDAP is 1234@example.com
(and uid is NOT used as the entry's RDN). In the current version
the canonicalization will go as follows:

original login:   12345678@example.tld
canonical val:    1234@example.com
result from sasl: 1234@example.com.tld

What is wrong here is that in the current version of cyrus-sasl the result
buffer contains garbage at the end (the extra '.tld' above). Someone forgot
to append a trailing '\0' to the end of the string.

I attach a patch which fixes the issue.

NOTE: this bug was reported to the maintainers of Debian's package
libsasl2-modules-ldap,

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689346

but I have seen no activity for 10 days, so I decided to send it here.


With best regards!

-- 
Pawel Tomulik


-------------- next part --------------
A non-text attachment was scrubbed...
Name: fix-canonuser-ldapdb-garbage-in-out-buffer.patch
Type: text/x-diff
Size: 335 bytes
Desc: not available
Url : http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/attachments/20121013/d0d2396c/attachment.bin 
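The failure mode described in the message above, reproduced as an added example. It is not part of the original post, the attached patch, or the cyrus-sasl source; copy_canon_buggy, copy_canon_fixed and run_case are hypothetical names, and the logins are the ones from the post.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the copy step: writes the canonical name into
 * `out` and reports its length, but never writes a terminating NUL. */
static int copy_canon_buggy(char *out, size_t out_max,
                            const char *canon, size_t canon_len,
                            size_t *out_len)
{
    if (canon_len > out_max) return -1;
    memcpy(out, canon, canon_len);
    *out_len = canon_len;
    return 0;
}

/* Same step with the terminator appended; the bound check reserves
 * one byte for it. */
static int copy_canon_fixed(char *out, size_t out_max,
                            const char *canon, size_t canon_len,
                            size_t *out_len)
{
    if (canon_len >= out_max) return -1;
    memcpy(out, canon, canon_len);
    out[canon_len] = '\0';
    *out_len = canon_len;
    return 0;
}

typedef int (*copy_fn)(char *, size_t, const char *, size_t, size_t *);

/* Scenario from the post: the output buffer already holds the longer
 * original login when the shorter canonical value is copied over it. */
static const char *run_case(copy_fn fn, char *buf, size_t buf_max)
{
    const char *canon = "1234@example.com";
    size_t len = 0;
    snprintf(buf, buf_max, "%s", "12345678@example.tld");
    if (fn(buf, buf_max, canon, strlen(canon), &len) != 0) return NULL;
    return buf; /* callers that treat this as a C string see the tail */
}

int main(void)
{
    char a[64], b[64];
    printf("buggy: %s\n", run_case(copy_canon_buggy, a, sizeof a));
    printf("fixed: %s\n", run_case(copy_canon_fixed, b, sizeof b));
    return 0;
}
```

Any consumer that reads the result as a NUL-terminated string rather than honouring the returned length gets the stale suffix, so an authorization decision could be made on a name that LDAP never returned.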

