diff options
author | Noriko Hosoi <nhosoi@redhat.com> | 2010-08-11 09:55:37 -0700 |
---|---|---|
committer | Noriko Hosoi <nhosoi@redhat.com> | 2010-08-11 09:55:37 -0700 |
commit | 100785aae13a423f1c4522fccc8a753f60695bda (patch) | |
tree | 5a83ec34eb8fceb6d6687b325616fd9189e6588e | |
parent | 75fe5864914d6e71bdfcbb560880b39d82a6013d (diff) | |
download | ds-100785aae13a423f1c4522fccc8a753f60695bda.tar.gz ds-100785aae13a423f1c4522fccc8a753f60695bda.tar.xz ds-100785aae13a423f1c4522fccc8a753f60695bda.zip |
Bug 622628 - fix coverity Defect Type: Integer handling issues
https://bugzilla.redhat.com/show_bug.cgi?id=622628
Comment:
There is a suspicious implicit sign extension. Instead of direct
bit shifting, use ntohl to decode buffer length.
-rw-r--r-- | ldap/servers/slapd/sasl_io.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/ldap/servers/slapd/sasl_io.c b/ldap/servers/slapd/sasl_io.c index b831a860..4bf81cc9 100644 --- a/ldap/servers/slapd/sasl_io.c +++ b/ldap/servers/slapd/sasl_io.c @@ -44,6 +44,7 @@ #include "slapi-plugin.h" #include "fe.h" #include <sasl.h> +#include <arpa/inet.h> /* * I/O Shim Layer for SASL Encryption @@ -204,7 +205,7 @@ static PRInt32 sasl_io_start_packet(PRFileDesc *fd, PRIntn flags, PRIntervalTime timeout, PRInt32 *err) { PRInt32 ret = 0; - unsigned char buffer[4]; + unsigned char buffer[sizeof(PRInt32)]; size_t packet_length = 0; size_t saslio_limit; sasl_io_private *sp = sasl_get_io_private(fd); @@ -242,8 +243,8 @@ sasl_io_start_packet(PRFileDesc *fd, PRIntn flags, PRIntervalTime timeout, PRInt return -1; } if (ret == sizeof(buffer)) { - /* Decode the length (could use ntohl here ??) */ - packet_length = buffer[0] << 24 | buffer[1] << 16 | buffer[2] << 8 | buffer[3]; + /* Decode the length */ + packet_length = ntohl(*(uint32_t *)buffer); /* add length itself (for Cyrus SASL library) */ packet_length += 4; |