From: Kurt Zeilenga <kurt@openldap.org>
Date: Thu, 27 Sep 2001 04:40:11 +0000 (+0000)
Subject: Fix buffer overflow bug (ITS#1345)
X-Git-Tag: OPENLDAP_REL_ENG_2_0_16~39
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=393b19b44922a2be1a55f38620911b0e3568fe1c;p=thirdparty%2Fopenldap.git

Fix buffer overflow bug (ITS#1345)
---

diff --git a/CHANGES b/CHANGES
index 19ef695ce9..b69eddd7c4 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,10 @@
 OpenLDAP 2.0 Change Log
 
 OpenLDAP 2.0.16 Engineering
+	Fixed CR/LF handling (ITS#1328)
+	Fixed slapd/slurpd max args bug (ITS#1343)
+	Fixed slurpd server down reject fix (ITS#1183)
+	Fixed -llber ber_realloc bug (ITS#1346)
 
 OpenLDAP 2.0.15 Release
 	Fixed -lldap TLS external handling
diff --git a/libraries/liblber/io.c b/libraries/liblber/io.c
index 37620e5a29..f6183cc507 100644
--- a/libraries/liblber/io.c
+++ b/libraries/liblber/io.c
@@ -34,8 +34,6 @@
 
 #include "lber-int.h"
 
-#define EXBUFSIZ	1024
-
 static ber_slen_t
 BerRead(
 	Sockbuf *sb,
@@ -123,7 +121,7 @@ ber_write(
 int
 ber_realloc( BerElement *ber, ber_len_t len )
 {
-	ber_len_t	need, have, total;
+	ber_len_t	total;
 	Seqorset	*s;
 	long		off;
 	char		*oldbuf;
@@ -134,9 +132,9 @@ ber_realloc( BerElement *ber, ber_len_t len )
 	assert( BER_VALID( ber ) );
 
 	total = ber_pvt_ber_total( ber );
-	have = total / EXBUFSIZ;
-	need = (len < EXBUFSIZ ? 1 : (len + (EXBUFSIZ - 1)) / EXBUFSIZ);
-	total = have * EXBUFSIZ + need * EXBUFSIZ;
+
+#define EXBUFSIZ	1000
+	total += len < EXBUFSIZ ? EXBUFSIZ : len;
 
 	oldbuf = ber->ber_buf;