https://bugs.openldap.org/show_bug.cgi?id=9743
Issue ID: 9743
Summary: LDAP_OPT_SOCKET_BIND_ADDRESSES - sin_port is not
initialized
Product: OpenLDAP
Version: 2.5.6
Hardware: All
OS: Linux
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: libraries
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
When LDAP_OPT_SOCKET_BIND_ADDRESSES is set, and ldap_search_s is being called,
valgrind detects uninitialised value (ip4addr.sin_port).
Valgrind log:
=52721== Syscall param socketcall.bind(my_addr.sin_port) points to
uninitialised byte(s)
==52721== at 0x54C7F2B: bind (syscall-template.S:120)
==52721== by 0x52434A5: ldap_connect_to_host (in
/usr/lib/x86_64-linux-gnu/libldap-2.5.so.0.1.1)
==52721== by 0x52352CD: ldap_int_open_connection (in
/usr/lib/x86_64-linux-gnu/libldap-2.5.so.0.1.1)
==52721== by 0x524875B: ldap_new_connection (in
/usr/lib/x86_64-linux-gnu/libldap-2.5.so.0.1.1)
==52721== by 0x523494D: ldap_open_defconn (in
/usr/lib/x86_64-linux-gnu/libldap-2.5.so.0.1.1)
==52721== by 0x52493F7: ldap_send_initial_request (in
/usr/lib/x86_64-linux-gnu/libldap-2.5.so.0.1.1)
==52721== by 0x52387E7: ldap_search (in
/usr/lib/x86_64-linux-gnu/libldap-2.5.so.0.1.1)
==52721== by 0x52388AD: ldap_search_s (in
/usr/lib/x86_64-linux-gnu/libldap-2.5.so.0.1.1)
==52721== by 0x28565F: check_ldap (simple.c:83)
==52721== Address 0x1ffeff6122 is on thread 1's stack
==52721== in frame #1, created by ldap_connect_to_host (???:)
==52721== Uninitialised value was created by a stack allocation
==52721== at 0x5242DE0: ldap_connect_to_host (in
/usr/lib/x86_64-linux-gnu/libldap-2.5.so.0.1.1)
Looks like, the ip4addr.sin_port should be set to 0 in ldap_connect_to_host. It
works, but it looks like it is a bug, and may fail under other circumstances.
--
You are receiving this mail because:
You are on the CC list for the issue.
