openldap: remove const from supportedSASLMechanisms

Casting away const for a parameter that the LDAP API expects as a
non-const char ** is unsafe: if the LDAP implementation ever writes to,
frees, or otherwise mutates the provided array, undefined behavior or
crashes can occur.

Reported-by: Joshua Rogers
Daniel Stenberg 2025-10-11 23:55:04 +02:00
parent f1828b5404
commit 2097ab37b2
GPG key ID: 5CC908FDB71E12C2


@ -461,7 +461,7 @@ static CURLcode oldap_perform_mechs(struct Curl_easy *data)
struct ldapconninfo *li =
Curl_conn_meta_get(data->conn, CURL_META_LDAP_CONN);
int rc;
static const char * const supportedSASLMechanisms[] = {
char *supportedSASLMechanisms[] = {
"supportedSASLMechanisms",
NULL
};
@ -469,7 +469,7 @@ static CURLcode oldap_perform_mechs(struct Curl_easy *data)
if(!li)
return CURLE_FAILED_INIT;
rc = ldap_search_ext(li->ld, "", LDAP_SCOPE_BASE, "(objectclass=*)",
(char **)CURL_UNCONST(supportedSASLMechanisms), 0,
supportedSASLMechanisms, 0,
NULL, NULL, NULL, 0, &li->msgid);
if(rc != LDAP_SUCCESS)
return oldap_map_error(rc, CURLE_LOGIN_DENIED);
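Review bot: The new declaration of `supportedSASLMechanisms` in the first hunk makes the pointer array writable, but its single element still points at a string literal, so the mutation the commit message worries about would still be undefined behavior if the library ever wrote through the attribute name rather than the array itself. A writable buffer closes that gap: `char attr[] = "supportedSASLMechanisms";` followed by `char *supportedSASLMechanisms[] = { attr, NULL };`. Initializing a `char *` from a literal is also likely to warn under `-Wwrite-strings`, if the build enables it. The array is now an automatic object instead of a static one, which is safe only if `ldap_search_ext` does not keep the pointer after it returns; a one-line comment such as `/* attrs is only read during the call; not retained by libldap */` would record that assumption once confirmed. The body of `oldap_perform_mechs` begins and continues outside the two hunks shown.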