Red Hat Bugzilla – Bug 1077884
ldap/servers/slapd/back-ldbm/dblayer.c: possible minor problem with sscanf
Last modified: 2015-03-05 04:34:04 EST
This bug is created as a clone of upstream ticket: https://fedorahosted.org/389/ticket/47746 [ldap/servers/slapd/back-ldbm/dblayer.c:5294]: (warning) scanf without field width limits can crash with huge input data. Source code is sscanf(thisline,"%[a-z]%c%s",attribute,&delimiter,value); but char value[128], delimiter; Maybe sscanf(thisline,"%[a-z]%c%128s",attribute,&delimiter,value); would be better code.
[root@dhcp201-126 ~]# /usr/lib64/dirsrv/slapd-dhcp201-126/stop-slapd [root@dhcp201-126 ~]# vim /var/lib/dirsrv/slapd-dhcp201-126/db/guardian [root@dhcp201-126 ~]# cp /var/lib/dirsrv/slapd-dhcp201-126/db/guardian /var/lib/dirsrv/slapd-dhcp201-126/db/guardian_bk [root@dhcp201-126 ~]# vim /var/lib/dirsrv/slapd-dhcp201-126/db/guardian [root@dhcp201-126 ~]# /usr/lib64/dirsrv/slapd-dhcp201-126/start-slapd [root@dhcp201-126 ~]# cat /var/lib/dirsrv/slapd-dhcp201-126/db/guardian cat: /var/lib/dirsrv/slapd-dhcp201-126/db/guardian: No such file or directory [root@dhcp201-126 ~]# /usr/lib64/dirsrv/slapd-dhcp201-126/stop-slapd [root@dhcp201-126 ~]# cat /var/lib/dirsrv/slapd-dhcp201-126/db/guardian cachesize:5120000 ncache:0 version:5 Hence VERIFIED.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2015-0416.html