[Pkg-openldap-devel] [openldap] 09/09: fix attr_dup2 with no attrs (#663644)

Ryan Tandy rtandy-guest at moszumanska.debian.org
Tue Apr 14 00:19:35 UTC 2015


This is an automated email from the git hooks/post-receive script.

rtandy-guest pushed a commit to branch squeeze
in repository openldap.

commit 59c8f780604d3742f7bad043b9095168e2283c9f
Author: Ryan Tandy <ryan at nardis.ca>
Date:   Sat Apr 4 15:33:53 2015 -0700

    fix attr_dup2 with no attrs (#663644)
---
 debian/changelog                                   |  4 +++
 .../ITS7143-fix-attr_dup2-when-attrsOnly.patch     | 40 ++++++++++++++++++++++
 debian/patches/series                              |  1 +
 3 files changed, 45 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 02701b9..5f6d1f0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -14,6 +14,10 @@ openldap (2.4.23-7.3+deb6u1) UNRELEASED; urgency=high
   * debian/patches/ITS8027-deref-reject-empty-attr-list.patch: Import upstream 
     patch to fix a crash when a search includes the Deref control with an 
     empty attribute list. (ITS#8027) (CVE-2015-1545) (Closes: #776988)
+  * debian/patches/ITS7143-fix-attr_dup2-when-attrsOnly.patch: Import upstream
+    patch to fix a crash when doing an attrsOnly search of a database
+    configured with both the rwm and translucent overlays. (ITS#7143)
+    (CVE-2012-1164) (Closes: #663644)
 
  -- Ryan Tandy <ryan at nardis.ca>  Mon, 13 Apr 2015 08:53:26 -0700
 
diff --git a/debian/patches/ITS7143-fix-attr_dup2-when-attrsOnly.patch b/debian/patches/ITS7143-fix-attr_dup2-when-attrsOnly.patch
new file mode 100644
index 0000000..acc72d6
--- /dev/null
+++ b/debian/patches/ITS7143-fix-attr_dup2-when-attrsOnly.patch
@@ -0,0 +1,40 @@
+From fa82424b9cb74af92fdee61a213df309b1cfbcc6 Mon Sep 17 00:00:00 2001
+From: Howard Chu <hyc at openldap.org>
+Date: Tue, 14 Feb 2012 17:29:14 -0800
+Subject: [PATCH] ITS#7143 fix attr_dup2 when no values are present (attrsOnly
+ = TRUE)
+
+---
+ servers/slapd/attr.c | 15 +++++++++------
+ 1 file changed, 9 insertions(+), 6 deletions(-)
+
+diff --git a/servers/slapd/attr.c b/servers/slapd/attr.c
+index 9fec895..f2f74ef 100644
+--- a/servers/slapd/attr.c
++++ b/servers/slapd/attr.c
+@@ -232,13 +232,16 @@ attr_dup2( Attribute *tmp, Attribute *a )
+ 		if ( a->a_nvals != a->a_vals ) {
+ 
+ 			tmp->a_nvals = ch_malloc( (tmp->a_numvals + 1) * sizeof(struct berval) );
+-			for ( j = 0; !BER_BVISNULL( &a->a_nvals[j] ); j++ ) {
+-				assert( j < i );
+-				ber_dupbv( &tmp->a_nvals[j], &a->a_nvals[j] );
+-				if ( BER_BVISNULL( &tmp->a_nvals[j] ) ) break;
+-				/* FIXME: error? */
++			j = 0;
++			if ( i ) {
++				for ( ; !BER_BVISNULL( &a->a_nvals[j] ); j++ ) {
++					assert( j < i );
++					ber_dupbv( &tmp->a_nvals[j], &a->a_nvals[j] );
++					if ( BER_BVISNULL( &tmp->a_nvals[j] ) ) break;
++					/* FIXME: error? */
++				}
++				assert( j == i );
+ 			}
+-			assert( j == i );
+ 			BER_BVZERO( &tmp->a_nvals[j] );
+ 
+ 		} else {
+-- 
+2.1.4
+
diff --git a/debian/patches/series b/debian/patches/series
index 0905471..f26c7d9 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -20,3 +20,4 @@ CVE-2011-1025
 CVE-2011-1081
 ITS7723-fix-reference-counting.patch
 ITS8027-deref-reject-empty-attr-list.patch
+ITS7143-fix-attr_dup2-when-attrsOnly.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-openldap/openldap.git



More information about the Pkg-openldap-devel mailing list