[python-ldap] [PATCH] fix corrupted search attributes

Elmir Jagudin elmir at unity3d.com
Fri Jan 15 09:14:33 EST 2016


Hi

Here is a patch that fixes issue with corrupted search attributes while
using LDAPObject.search_s().

The problem happens when converting attrlist argument from python list to C
char ** array. The problematic code is in attrs_from_List() function in
Modules/LDAPObject.c:

    attrs[i] = PyString_AsString(item);
    Py_DECREF(item);

If the item happens to have ref count 1 before executing the above, the
pointer assigned to attrs[i] will become invalid. The LDAP search request
send out will possibly have mangled search attributes.

I run into this problem while using some LDAP code under pypy. Here is a
simple script that reproduces the problem:

https://gist.github.com/elmirjagudin/6d7aadaa1825901ed73d

In the attached patch I have modified the conversion from python to C type
to use PySequence_Fast* functions. Using PySequence_Fast() call we fetch a
pointer to a temporary python sequence object. We keep track of the object
and decrement the it's ref counter after the call to underlying
ldap_search_ext() C function. Thus we keep attrs pointers valid during that
call.


Regards,
Elmir
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-ldap/attachments/20160115/a1913646/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fix-corrupt-search-attrs.patch
Type: text/x-patch
Size: 4263 bytes
Desc: not available
URL: <http://mail.python.org/pipermail/python-ldap/attachments/20160115/a1913646/attachment.bin>


More information about the python-ldap mailing list