Hi hackers,

1. If you set up a pg_hba.conf with a URL that lacks a base DN or
hostname, hba.c will segfault on startup when it tries to pstrdup a
null pointer. Examples: ldapurl="ldap://localhost" and
ldapurl="ldap://".

2. If we fail to bind but have no binddn configured, we'll pass NULL
to ereport (snprint?) for %s, which segfaults on some libc
implementations. That crash requires more effort to reproduce but you
can see pretty clearly a few lines above in auth.c that it can be
NULL. (I'm surprised Coverity didn't complain about that. Maybe it
can't see this code due to macros.)

Please see attached.

--
Thomas Munro
http://www.enterprisedb.com
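
The two crash patterns described in the message above, as an added C example; it is not PostgreSQL code and not the attached patch. `LdapParts`, `dup_span`, `dup_or_null`, `split_ldap_url` and `format_bind_failure` are hypothetical names, the splitter is a simplification of LDAP URL parsing, and the log text is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical holder for URL parts; either field is NULL when absent. */
typedef struct { char *host; char *basedn; } LdapParts;

/* Copy n bytes into a new string; an empty span is reported as NULL. */
static char *dup_span(const char *s, size_t n)
{
    if (n == 0) return NULL;
    char *r = calloc(n + 1, 1);
    if (r == NULL) abort();
    return memcpy(r, s, n);
}

/* NULL-tolerant duplicate: the guard a bare strdup-style copy lacks. */
char *dup_or_null(const char *s) { return s ? dup_span(s, strlen(s)) : NULL; }

/* Simplified splitter for ldap://host[:port]/basedn[?...] (assumption:
 * no IPv6 literals, no escapes). Returns -1 if the scheme is not ldap://. */
int split_ldap_url(const char *url, LdapParts *out)
{
    out->host = out->basedn = NULL;
    if (strncmp(url, "ldap://", 7) != 0) return -1;
    const char *p = url + 7;
    out->host = dup_span(p, strcspn(p, ":/"));
    const char *slash = strchr(p, '/');
    if (slash != NULL)
        out->basedn = dup_span(slash + 1, strcspn(slash + 1, "?"));
    return 0;
}

/* Constructed log text; NULL is replaced before it can reach %s. */
int format_bind_failure(char *buf, size_t len, const char *binddn, const char *host)
{
    return snprintf(buf, len, "bind failed for \"%s\" on \"%s\"",
                    binddn ? binddn : "(none)", host ? host : "(none)");
}

int main(void)
{
    LdapParts p;
    char buf[128];
    split_ldap_url("ldap://localhost", &p);   /* constructed input */
    format_bind_failure(buf, sizeof buf, dup_or_null(p.basedn), p.host);
    puts(buf);
    return 0;
}
```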