Hi List, I used the ldapdb_plugin as a template for my sql_plugin-enhancements. While reading through the code there is one problem coming to my mind: In ldapdb_canon_client there is NO check whether ulen is greater than out_umax – maybe it is only a minor issue because the string user is only truncated, but I didn’t have a look if there could be any situation where the size of the string user could be greater than out_umax. Patch would be: >if (ulen>out_umax) return SASL_NOMEM; Just in front of the memcpy. Lars |
