| From: | Thomas Munro <thomas(dot)munro(at)enterprisedb(dot)com> | 
|---|---|
| To: | Pg Hackers <pgsql-hackers(at)postgresql(dot)org> | 
| Subject: | LDAP URI decoding bugs | 
| Date: | 2017-11-03 12:57:30 | 
| Message-ID: | CAEepm=3kee-PmWnV=FU8avqAJ5J619KtVg3k5efPXfqqvnG81g@mail.gmail.com | 
| Views: | Whole Thread | Raw Message | Download mbox | Resend email | 
| Thread: | |
| Lists: | pgsql-hackers | 
Hi hackers,
1.  If you set up a pg_hba.conf with a URL that lacks a base DN or
hostname, hba.c will segfault on startup when it tries to pstrdup a
null pointer.  Examples: ldapurl="ldap://localhost" and
ldapurl="ldap://".
2.  If we fail to bind but have no binddn configured, we'll pass NULL
to ereport (snprint?) for %s, which segfaults on some libc
implementations.  That crash requires more effort to reproduce but you
can see pretty clearly a few lines above in auth.c that it can be
NULL.  (I'm surprised Coverity didn't complain about that.  Maybe it
can't see this code due to macros.)
Please see attached.
-- 
Thomas Munro
http://www.enterprisedb.com
| Attachment | Content-Type | Size | 
|---|---|---|
| ldap-fixes.patch | application/octet-stream | 1.6 KB | 
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Chris Travers | 2017-11-03 12:58:02 | Re: proposal: schema variables | 
| Previous Message | Alvaro Herrera | 2017-11-03 12:39:00 | Re: dropping partitioned tables without CASCADE |