On Thu, Jun 12, 2014 at 05:02:19PM -0400, Noah Misch wrote: > You can cause the at-exit crash by building PostgreSQL against OpenLDAP > 2.4.31, connecting with LDAP authentication, and issuing "LOAD 'dblink'".
> 4. Detect older OpenLDAP versions at runtime, just before we would otherwise > initialize OpenLDAP, and raise an error. Possibly make the same check at > compile time, for packager convenience. Having pondered this some more, I lean toward the following conservative fix. Add to all supported branches a test case that triggers the crash and a configure-time warning if the OpenLDAP version falls in the vulnerable range. So long as those who build from source monitor either "configure" output or test suite failures, they'll have the opportunity to head off the problem. -- Noah Misch EnterpriseDB http://www.enterprisedb.com -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
