https://bugs.openldap.org/show_bug.cgi?id=10442
Issue ID: 10442
Summary: BAD_COPY_PASTE In function 'dds_db_open': Value
'di_max_ttl' might be 'di_min_ttl'
Product: OpenLDAP
Version: 2.6.8
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: build
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
Based on the description in the link, the logic is as follows:
https://www.opennet.ru/cgi-bin/opennet/man.cgi?topic=slapo-dds&category=5
Both values can be specified in the slapd.conf configuration file, from where
they will be read, but if neither is specified, then:
dds-max-ttl will default to 86400 seconds = 1 day (i.e.,
DDS_RF2589_DEFAULT_TTL).
dds-min-ttl will default to 0, indicating that the lower TTL limit is not set.
What we see in the implementation code:
If di->di_max_ttl == 0 (does this mean "di->di_max_ttl is not defined"?), then
di->di_max_ttl will receive DDS_RF2589_DEFAULT_TTL. That is, the implementation
actually sets what should be the default if the value is undefined.
If di->di_min_ttl == 0 (does this mean "di->di_min_ttl is undefined"?), then
di->di_max_ttl receives DDS_RF2589_DEFAULT_TTL. That is, if the value is
undefined (is 0 at the time of checking), the implementation sets
di->di_max_ttl to the default value.
I believe there will be incorrect behavior in the following scenario: if,
before these conditions are met, di->di_max_ttl == 100000, and di->di_min_ttl
== 0, then di->di_max_ttl will be overwritten with the default 86400 for no
apparent reason.
Besides this:
The current dds_db_open is executed after dds_db_init, where di->di_min_ttl is
missing from the definition, but instead is written twice:
di->di_max_ttl = DDS_RF2589_DEFAULT_TTL;
di->di_max_ttl = DDS_RF2589_DEFAULT_TTL;
This, in my opinion, is also a sign of bad_copy_paste.
I think the status is Confirmed+Major.
--
You are receiving this mail because:
You are on the CC list for the issue.
