From: Ralf Haferkamp <ralf@openldap.org>
Date: Tue, 24 May 2011 13:23:11 +0000 (+0200)
Subject: ITS#6951 Fix two buffersize issue in "pcacheBind" config processing
X-Git-Tag: OPENLDAP_REL_ENG_2_5_0ALPHA~1381
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5402fef6d7bc90c831eb7ebb40081eda416f7e60;p=thirdparty%2Fopenldap.git

ITS#6951 Fix two buffersize issue in "pcacheBind" config processing

Found with valgrind
---

diff --git a/servers/slapd/overlays/pcache.c b/servers/slapd/overlays/pcache.c
index cec3eca05c..62477513bd 100644
--- a/servers/slapd/overlays/pcache.c
+++ b/servers/slapd/overlays/pcache.c
@@ -445,7 +445,7 @@ ftemp_attrs( struct berval *ftemp, struct berval *template,
 	AttributeDescription **descs = NULL;
 	char *temp2;
 
-	temp2 = ch_malloc( ftemp->bv_len );
+	temp2 = ch_malloc( ftemp->bv_len + 1 );
 	p1 = ftemp->bv_val;
 	t1 = temp2;
 
@@ -4263,7 +4263,7 @@ pc_bind_fail:
 			i = 0;
 			while ((eq = strchr(eq, '=' ))) {
 				eq++;
-				if ( eq[1] == ')' )
+				if ( eq[0] == ')' )
 					i++;
 			}
 			bv.bv_len = temp->bindftemp.bv_len + i;