Gitweb:
https://git.exim.org/exim.git/commitdiff/51b611aa81d7ee01243b196abc34a0e2eabd293c
Commit: 51b611aa81d7ee01243b196abc34a0e2eabd293c
Parent: 61eac6b579e27f3959c7048a17ac5a36b0c32002
Author: Jeremy Harris <jgh146exb@???>
AuthorDate: Fri Oct 30 12:46:05 2020 +0000
Committer: Jeremy Harris <jgh146exb@???>
CommitDate: Fri Oct 30 12:46:05 2020 +0000
LDAP: fix taint-check in server list walk. Bug 2646
---
doc/doc-txt/ChangeLog | 7 ++++++-
src/src/lookups/ldap.c | 14 ++++++--------
test/confs/9001 | 2 +-
3 files changed, 13 insertions(+), 10 deletions(-)
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 1ce732f..9592181 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -121,10 +121,15 @@ PP/01 Fix default prime selection to be consistent.
execution flows will use the same DH primes (currently
exim.dev.20160529.3).
-JH/25 OpenSSL: Fix back-compatibiility behaviour surrounding tls_certificates
+JH/25 OpenSSL: Fix back-compatibility behaviour surrounding tls_certificates
option in smtp transport, to match the documentation. Previously
verification was not being done in some cases where it should have been.
+JH/26 Bug 2646: fix a memory usage issue in ldap lookups. Previously, when more
+ than one server was defined and depending on the platform memory layout
+ details, an internal consistency trap could be hit while walking the list
+ of servers.
+
Exim version 4.94
-----------------
diff --git a/src/src/lookups/ldap.c b/src/src/lookups/ldap.c
index e2dbe51..1674c9f 100644
--- a/src/src/lookups/ldap.c
+++ b/src/src/lookups/ldap.c
@@ -1091,9 +1091,7 @@ const uschar *p;
uschar *user = NULL;
uschar *password = NULL;
uschar *local_servers = NULL;
-uschar *server;
const uschar *list;
-uschar buffer[512];
while (isspace(*url)) url++;
@@ -1251,13 +1249,13 @@ if (!eldap_default_servers && !local_servers || p[3] != '/')
&defer_break, user, password, sizelimit, timelimit, tcplimit, dereference,
referrals);
-/* Loop through the default servers until OK or FAIL. Use local_servers list
- * if defined in the lookup, otherwise use the global default list */
-list = !local_servers ? eldap_default_servers : local_servers;
-while ((server = string_nextinlist(&list, &sep, buffer, sizeof(buffer))))
+/* Loop through the servers until OK or FAIL. Use local_servers list
+if defined in the lookup, otherwise use the global default list */
+
+list = local_servers ? local_servers : eldap_default_servers;
+for (uschar * server; server = string_nextinlist(&list, &sep, NULL, 0); )
{
- int rc;
- int port = 0;
+ int rc, port = 0;
uschar *colon = Ustrchr(server, ':');
if (colon)
{
diff --git a/test/confs/9001 b/test/confs/9001
index a1f4ba3..ba5a168 100644
--- a/test/confs/9001
+++ b/test/confs/9001
@@ -18,7 +18,7 @@ r0:
r1:
driver = redirect
- data = ${lookup ldap user="cn=xxx,o=yyy,c=UK" pass="secret" \
+ data = ${lookup ldap {USER="cn=xxx,o=yyy,c=UK" PASS="secret" \
ldap:///o=zzz,c=UK,?sn?sub?(cn=foo)}}
