[Pkg-openldap-devel] r800 - in openldap/trunk-2.3/debian: . patches

[Russ Allbery]

Author: rra
Date: 2007-05-23 22:01:17 +0000 (Wed, 23 May 2007)
New Revision: 800

Added:
   openldap/trunk-2.3/debian/patches/ITS4924
   openldap/trunk-2.3/debian/patches/ITS4925
Modified:
   openldap/trunk-2.3/debian/changelog
   openldap/trunk-2.3/debian/patches/series
Log:
* Apply upstream patches:
  - ITS#4924: client crash on incorrectly tagged result from server.
  - ITS#4925: NOOP modify with BDB backend crashed slapd.

Modified: openldap/trunk-2.3/debian/changelog
===================================================================
--- openldap/trunk-2.3/debian/changelog	2007-05-23 21:34:39 UTC (rev 799)
+++ openldap/trunk-2.3/debian/changelog	2007-05-23 22:01:17 UTC (rev 800)
@@ -1,8 +1,11 @@
 openldap2.3 (2.3.35-1) UNRELEASED; urgency=low
 
   * New upstream release with many bug fixes.
+  * Apply upstream patches:
+    - ITS#4924: client crash on incorrectly tagged result from server.
+    - ITS#4925: NOOP modify with BDB backend crashed slapd.
 
- -- Russ Allbery <rra at debian.org>  Wed, 23 May 2007 13:57:14 -0700
+ -- Russ Allbery <rra at debian.org>  Wed, 23 May 2007 15:01:03 -0700
 
 openldap2.3 (2.3.30-5) unstable; urgency=low
 

Added: openldap/trunk-2.3/debian/patches/ITS4924
===================================================================
--- openldap/trunk-2.3/debian/patches/ITS4924	                        (rev 0)
+++ openldap/trunk-2.3/debian/patches/ITS4924	2007-05-23 22:01:17 UTC (rev 800)
@@ -0,0 +1,34 @@
+A server could crash a client by sending an incorrectly tagged result
+due to an incorrect assert().
+
+ITS#4924
+
+--- openldap-2.3.35/libraries/libldap/request.c	2007/01/02 21:43:49	1.103.2.15
++++ openldap-2.3.35/libraries/libldap/request.c	2007/04/11 07:00:17	1.103.2.16
+@@ -424,7 +424,10 @@ ldap_new_connection( LDAP *ld, LDAPURLDe
+ 			++lc->lconn_refcnt;	/* avoid premature free */
+ 			ld->ld_defconn = lc;
+ 
+-			Debug( LDAP_DEBUG_TRACE, "anonymous rebind via ldap_bind_s\n", 0, 0, 0);
++			Debug( LDAP_DEBUG_TRACE,
++				"anonymous rebind via ldap_sasl_bind(\"\")\n",
++				0, 0, 0);
++
+ #ifdef LDAP_R_COMPILE
+ 			ldap_pvt_thread_mutex_unlock( &ld->ld_req_mutex );
+ 			ldap_pvt_thread_mutex_unlock( &ld->ld_res_mutex );
+@@ -462,7 +465,13 @@ ldap_new_connection( LDAP *ld, LDAPURLDe
+ 						break;
+ 
+ 					default:
+-						assert( 0 );
++						Debug( LDAP_DEBUG_TRACE,
++							"ldap_new_connection %p: "
++							"unexpected response %d "
++							"from BIND request id=%d\n",
++							ld, ldap_msgtype( res ), msgid );
++						err = -1;
++						break;
+ 					}
+ 				}
+ 			}

Added: openldap/trunk-2.3/debian/patches/ITS4925
===================================================================
--- openldap/trunk-2.3/debian/patches/ITS4925	                        (rev 0)
+++ openldap/trunk-2.3/debian/patches/ITS4925	2007-05-23 22:01:17 UTC (rev 800)
@@ -0,0 +1,16 @@
+Trying a modify operation with the NOOP control set on an entry stored
+in a BDB backend crashed slapd.
+
+ITS#4925
+
+--- openldap-2.3.35/servers/slapd/back-bdb/modify.c	2007/01/02 21:44:00	1.124.2.16
++++ openldap-2.3.35/servers/slapd/back-bdb/modify.c	2007/04/11 18:32:24	1.124.2.17
+@@ -538,6 +538,8 @@ retry:	/* transaction retry */
+ 		} else {
+ 			rs->sr_err = LDAP_X_NO_OPERATION;
+ 			ltid = NULL;
++			/* Only free attrs if they were dup'd.  */
++			if ( dummy.e_attrs == e->e_attrs ) dummy.e_attrs = NULL;
+ 			goto return_results;
+ 		}
+ 	} else {

Modified: openldap/trunk-2.3/debian/patches/series
===================================================================
--- openldap/trunk-2.3/debian/patches/series	2007-05-23 21:34:39 UTC (rev 799)
+++ openldap/trunk-2.3/debian/patches/series	2007-05-23 22:01:17 UTC (rev 800)
@@ -15,3 +15,5 @@
 man-slurpd -p0
 kbind-security-fix -p0
 fix-memleak-on-failed-bind -p0
+ITS4924
+ITS4925