[prev in list] [next in list] [prev in thread] [next in thread]
List: apache-httpd-dev
Subject: PATCH: incorrect use of an enum in util_ldap.h struct
From: "David Jones" <oscaremma () gmail ! com>
Date: 2007-02-23 19:03:16
Message-ID: 3ce0569d0702231103u2cf4dc5fua6c6d9e61f2639 () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
In util_ldap.h there is a use of an enum in util_ldap.h (struct
util_ldap_connection_t) with the assumption that it is of length int.
Similar enum in aaa/mod_authnz_ldap.c.
As the size of an enum is indeterminate this call in util_ldap.c may/may
not get a valid value based on how the compiler handles it:
ldap_set_option(ldc->ldap, LDAP_OPT_DEREF, &(ldc->deref));
By changing the stuct to use an int type for deref instead of deref_options
we guarantee valid behavior.
Index: httpd-trunk/include/util_ldap.h
===================================================================
--- httpd-trunk/include/util_ldap.h (revision 494665)
+++ httpd-trunk/include/util_ldap.h (working copy)
@@ -92,7 +92,7 @@
const char *host; /* Name of the LDAP server (or
space separated list) */
int port; /* Port of the LDAP server */
- deref_options deref; /* how to handle alias dereferening
*/
+ int deref; /* how to handle alias dereferening
*/
const char *binddn; /* DN to bind to server (can be
NULL) */
const char *bindpw; /* Password to bind to server (can
be NULL) */
@@ -202,11 +202,11 @@
* use this connection while it is busy. Once you are finished with a
connection,
* apr_ldap_connection_close() must be called to release this
connection.
* @deffunc util_ldap_connection_t *util_ldap_connection_find(request_rec
*r, const char *host, int port,
- * const char
*binddn, const char *bindpw, deref_options deref,
+ * const char
*binddn, const char *bindpw, int deref,
* int
netscapessl, int starttls)
*/
APR_DECLARE_OPTIONAL_FN(util_ldap_connection_t
*,uldap_connection_find,(request_rec *r, const char *host, int port,
- const char *binddn, const
char *bindpw, deref_options deref,
+ const char *binddn, const
char *bindpw, int deref,
int secure));
/**
Index: httpd-trunk/modules/ldap/util_ldap.c
===================================================================
--- httpd-trunk/modules/ldap/util_ldap.c (revision 510991)
+++ httpd-trunk/modules/ldap/util_ldap.c (working copy)
@@ -443,7 +443,7 @@
uldap_connection_find(request_rec *r,
const char *host, int port,
const char *binddn, const char *bindpw,
- deref_options deref, int secure)
+ int deref, int secure)
{
struct util_ldap_connection_t *l, *p; /* To traverse the linked list */
int secureflag = secure;
Index: httpd-trunk/modules/aaa/mod_authnz_ldap.c
===================================================================
--- httpd-trunk/modules/aaa/mod_authnz_ldap.c (revision 494665)
+++ httpd-trunk/modules/aaa/mod_authnz_ldap.c (working copy)
@@ -57,7 +57,7 @@
char **attributes; /* Array of all the attributes to
return */
int scope; /* Scope of the search */
char *filter; /* Filter to further limit the search
*/
- deref_options deref; /* how to handle alias dereferening */
+ int deref; /* how to handle alias dereferening */
char *binddn; /* DN to bind to server (can be NULL)
*/
char *bindpw; /* Password to bind to server (can be
NULL) */
[Attachment #5 (text/html)]
In util_ldap.h there is a use of an enum in util_ldap.h (struct
util_ldap_connection_t) with the assumption that it is of length int. <br>Similar \
enum in aaa/mod_authnz_ldap.c.<br>As the size of an enum is indeterminate this \
call in util_ldap.c may/may not get a valid value based on how the compiler handles \
it: <br> \
ldap_set_option(ldc->ldap, LDAP_OPT_DEREF, &(ldc->deref));<br><br>By \
changing the stuct to use an int type for deref instead of deref_options we guarantee \
valid behavior.<br><br><br>Index: httpd-trunk/include/util_ldap.h \
<br>==============================<div>=====================================<br>--- \
httpd-trunk/include/util_ldap.h (revision 494665)<br>+++ \
httpd-trunk/include/util_ldap.h (working copy)<br>@@ -92,7 +92,7 @@ \
<br> <br> const char \
*host; \
/* Name of the LDAP server (or space separated list) */ <br> \
int port; \
/* Port of the LDAP server */<br>- deref_options \
deref; \
/* how to handle alias dereferening */<br>+ int \
deref; \
/* how to handle alias dereferening */ <br> <br> const \
char *binddn; \
/* DN to bind to server (can be NULL) */<br> const char \
*bindpw; \
/* Password to bind to server (can be NULL) */<br>@@ -202,11 +202,11 @@<br> \
* use this connection while it is busy. Once you are \
finished with a connection, <br> * \
apr_ldap_connection_close() must be called to release this connection.<br> * \
@deffunc util_ldap_connection_t *util_ldap_connection_find(request_rec *r, const char \
*host, int port,<br>- \
* & \
nbsp; &nb \
sp;   \
; \
const char *binddn, const char *bindpw, deref_options deref, <br>+ \
* & \
nbsp; &nb \
sp;   \
; \
const char *binddn, const char *bindpw, int deref, <br> \
* & \
nbsp; &nb \
sp;   \
; \
int netscapessl, int starttls)<br> */ \
<br> APR_DECLARE_OPTIONAL_FN(util_ldap_connection_t \
*,uldap_connection_find,(request_rec *r, const char *host, int \
port,<br>- &nbs \
p; \
\
const char *binddn, const char *bindpw, deref_options deref, \
<br>+ &nb \
sp;   \
; \
const char *binddn, const char *bindpw, int \
deref,<br> &nbs \
p; \
\
int secure));<br> <br> /**<br>Index: httpd-trunk/modules/ldap/util_ldap.c \
<br>===================================================================<br>--- \
httpd-trunk/modules/ldap/util_ldap.c (revision 510991)<br>+++ \
httpd-trunk/modules/ldap/util_ldap.c (working copy)<br>@@ -443,7 \
+443,7 @@ <br> \
uldap_connection_find(request_rec \
*r,<br> & \
nbsp; \
const char *host, int \
port,<br>   \
; \
const char *binddn, const char \
*bindpw,<br>- & \
nbsp; \
deref_options deref, int secure) \
<br>+ &nb \
sp; \
int deref, int secure)<br> {<br> struct \
util_ldap_connection_t *l, *p; /* To traverse the linked list \
*/<br> int secureflag = secure;<br>Index: \
httpd-trunk/modules/aaa/mod_authnz_ldap.c \
<br>===================================================================<br>--- \
httpd-trunk/modules/aaa/mod_authnz_ldap.c (revision 494665)<br>+++ \
httpd-trunk/modules/aaa/mod_authnz_ldap.c (working copy)<br>@@ \
-57,7 +57,7 @@ <br> char \
**attributes; \
/* Array of all the attributes to return */<br> int \
scope; \
/* Scope of the search */<br> char \
*filter; \
/* Filter to further limit the search */ <br>- deref_options \
deref; /* how to \
handle alias dereferening */<br>+ int \
deref; \
/* how to handle alias dereferening */<br> char \
*binddn; \
/* DN to bind to server (can be NULL) */ <br> char \
*bindpw; \
/* Password to bind to server (can be NULL) */</div>
["deref01.patch" (application/octet-stream)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic