Package: cherokee
Version: 0.11.3-2
Severity: serious
Tags: patch
Usertags: implicit-pointer-conversion

Our automated buildd log filter[1] detected a problem that is likely to
cause your package to segfault on architectures where the size of a
pointer is greater than the size of an integer, such as ia64 and amd64.

  Function `ldap_init' implicitly converted to pointer at validator_ldap.c:161

This is often due to a missing function prototype definition.
For more information, see [2].

The libldap API has been updated and many functions used by the ldap
plugin are now deprecated. This package should either update to the
new API or define LDAP_DEPRECATED to continue using the deprecated
interfaces.

This patch implements the lazy solution.

Though it is guaranteed that this codepath will cause a segfault on certain
architectures, it is not guaranteed that this codepath would ever be executed
(e.g., if the returned pointer is never dereferenced). However, this bug
does prevent the ia64 buildd from successfully building this package, resulting
in a practical FTBFS issue and warranting the serious severity.

(oh, and hi Gunnar!)

[1] http://people.debian.org/~dannf/check-implicit-pointer-functions
[2] http://wiki.debian.org/ImplicitPointerConversions

-- 
dann frazier

diff -urpN cherokee-0.11.5.orig/cherokee/validator_ldap.h cherokee-0.11.5/cherokee/validator_ldap.h
--- cherokee-0.11.5.orig/cherokee/validator_ldap.h	2008-12-18 08:17:53.000000000 -0700
+++ cherokee-0.11.5/cherokee/validator_ldap.h	2008-12-24 15:44:56.000000000 -0700
@@ -27,6 +27,7 @@
 
 #include "common.h"
 
+#define LDAP_DEPRECATED 1
 #include "ldap.h"
 
 #include "validator.h"

Reply via email to