https://bugs.openldap.org/show_bug.cgi?id=10162
--- Comment #1 from Howard Chu <[email protected]> --- Thanks for the report. The code in sql-wrap.c backsql_BindRowAsStrings_x() only allocates MAX_ATTR_LEN for these values. Returning more than that size would eventually corrupt memory. A safer fix would be to just cap value_len to MAX_ATTR_LEN and return only the truncated value. I don't know enough about back-sql to know why there is a MAX_ATTR_LEN at all. But if you're going to be dealing with larger binary values, you probably should just redefine this to a suitable size for your installation. -- You are receiving this mail because: You are on the CC list for the issue.
