Hi hackers, 1. If you set up a pg_hba.conf with a URL that lacks a base DN or hostname, hba.c will segfault on startup when it tries to pstrdup a null pointer. Examples: ldapurl="ldap://localhost"; and ldapurl="ldap://";.
2. If we fail to bind but have no binddn configured, we'll pass NULL to ereport (snprint?) for %s, which segfaults on some libc implementations. That crash requires more effort to reproduce but you can see pretty clearly a few lines above in auth.c that it can be NULL. (I'm surprised Coverity didn't complain about that. Maybe it can't see this code due to macros.) Please see attached. -- Thomas Munro http://www.enterprisedb.com
ldap-fixes.patch
Description: Binary data
-- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
