[EMAIL PROTECTED] wrote: > Full_Name: Arthur Anhalt > Version: 2.4.12 > OS: Ubuntu 8.04 > URL: > Submission from: (NULL) (205.200.169.138) > > > When parsing password change extended operations, > servers/slapd/passwd.c:slap_passwd_parse() calls ber_get_stringbv() with > LBER_BV_NOTERM set. The resulting bv_val doesn't end with a \0. > > In libraries/liblutil/passwd.c:chk_crypt will return an error is the old and > new > passwords do not end with a null terminator. I believe more of the chk_* > functions > return the same error. > > This is the same bug as ITS#5575, but affects the core system, not contributed > code.
Fixed in HEAD, thanks. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
