# --- SDE-COPYRIGHT-NOTE-BEGIN ---
# This copyright note is auto-generated by ./scripts/Create-CopyPatch.
#
# Filename: package/.../heimdal/hdb-ldap-malloc.patch
# Copyright (C) 2008 The OpenSDE Project
#
# More information can be found in the files COPYING and README.
#
# This patch file is dual-licensed. It is available under the license the
# patched project is licensed under, as long as it is an OpenSource license
# as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms
# of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
# --- SDE-COPYRIGHT-NOTE-END ---

Index: heimdal/lib/hdb/hdb-ldap.c
===================================================================
--- heimdal/lib/hdb/hdb-ldap.c	(revision 22587)
+++ heimdal/lib/hdb/hdb-ldap.c	(revision 22588)
@@ -989,8 +989,10 @@
 	    goto out;
 	}
 	for (i = 0; i < ent->entry.etypes->len; i++) {
-	    char buf[100];
-	    if (vals[i]->bv_len > sizeof(buf) - 1) {
+	    char *buf;
+
+	    buf = malloc(vals[i]->bv_len + 1);
+	    if (buf == NULL) {
 		krb5_set_error_string(context, "malloc: out of memory");
 		ret = ENOMEM;
 		goto out;
@@ -998,6 +1000,7 @@
 	    memcpy(buf, vals[i]->bv_val, vals[i]->bv_len);
 	    buf[vals[i]->bv_len] = '\0';
 	    ent->entry.etypes->val[i] = atoi(buf);
+	    free(buf);
 	}
 	ldap_value_free_len(vals);
     }