[Pkg-openldap-devel] [openldap] 01/02: fix deref crash with empty attr list (#776988)
Ryan Tandy
rtandy-guest at moszumanska.debian.org
Wed Feb 4 19:18:06 UTC 2015
This is an automated email from the git hooks/post-receive script.
rtandy-guest pushed a commit to branch master
in repository openldap.
commit b1f30cef12f5bd72e0a63ca4cbabf3e5ca7c70ad
Author: Ryan Tandy <ryan at nardis.ca>
Date: Wed Feb 4 08:29:05 2015 -0800
fix deref crash with empty attr list (#776988)
---
debian/changelog | 8 ++++++++
.../ITS8027-deref-reject-empty-attr-list.patch | 20 ++++++++++++++++++++
debian/patches/series | 1 +
3 files changed, 29 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index 1fcc7f3..2e4a05d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+openldap (2.4.40-4) UNRELEASED; urgency=medium
+
+ * debian/patches/ITS8027-deref-reject-empty-attr-list.patch: Import upstream
+ patch to fix a crash when a search includes the Deref control with an
+ empty attribute list. (ITS#8027) (Closes: #776988)
+
+ -- Ryan Tandy <ryan at nardis.ca> Wed, 04 Feb 2015 08:23:15 -0800
+
openldap (2.4.40-3) unstable; urgency=medium
* Remove trailing spaces from slapd.templates.
diff --git a/debian/patches/ITS8027-deref-reject-empty-attr-list.patch b/debian/patches/ITS8027-deref-reject-empty-attr-list.patch
new file mode 100644
index 0000000..8eba835
--- /dev/null
+++ b/debian/patches/ITS8027-deref-reject-empty-attr-list.patch
@@ -0,0 +1,20 @@
+commit c32e74763f77675b9e144126e375977ed6dc562c
+Author: Howard Chu <hyc at openldap.org>
+Date: Mon Jan 19 22:25:53 2015 +0000
+
+ ITS#8027 require non-empty AttributeList
+
+diff --git a/servers/slapd/overlays/deref.c b/servers/slapd/overlays/deref.c
+index 9420e3e..05aa890 100644
+--- a/servers/slapd/overlays/deref.c
++++ b/servers/slapd/overlays/deref.c
+@@ -183,7 +183,8 @@ deref_parseCtrl (
+ ber_len_t cnt = sizeof(struct berval);
+ ber_len_t off = 0;
+
+- if ( ber_scanf( ber, "{m{M}}", &derefAttr, &attributes, &cnt, off ) == LBER_ERROR )
++ if ( ber_scanf( ber, "{m{M}}", &derefAttr, &attributes, &cnt, off ) == LBER_ERROR
++ || !cnt )
+ {
+ rs->sr_text = "Dereference control: derefSpec decoding error";
+ rs->sr_err = LDAP_PROTOCOL_ERROR;
diff --git a/debian/patches/series b/debian/patches/series
index 613612b..f50f391 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -21,3 +21,4 @@ switch-to-lt_dlopenadvise-to-get-RTLD_GLOBAL-set.diff
no-bdb-ABI-second-guessing
heimdal-fix
ITS6035-olcauthzregex-needs-restart.patch
+ITS8027-deref-reject-empty-attr-list.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-openldap/openldap.git
More information about the Pkg-openldap-devel
mailing list