Security fix diffs for 2.x
Ferenc Wagner
wferi at niif.hu
Wed Nov 25 18:35:36 UTC 2009
"Scott Cantor" <cantor.2 at osu.edu> writes:
> Ferenc Wagner wrote on 2009-11-24:
>
>> But now I wonder why the implementations in SAMLConfig.cpp and
>> SPConfig.cpp wouldn't clash... Shouldn't one be renamed at least? I
>> fear these won't be usable together, but can't check it right now.
>
> They'd be in different C++ namespaces, or could be static members of
> different classes, or both.
To my great surprise they actually work together, though currently
neither is the case (with yesterday's patches). Behold:
$ objdump -CT /usr/lib/libsaml.so.2 | grep HTTPResponse_
002069a0 g DF .text 0000029a Base HTTPResponse_sanitizeURL(char const*)
$ objdump -CT /usr/lib/libshibsp.so.1 | grep HTTPResponse_
00065610 g DF .text 000002aa Base HTTPResponse_sanitizeURL(char const*)
000658c0 g DF .text 00000028 Base HTTPResponse_sendRedirect(char const*)
00064f40 g DF .text 00000160 Base HTTPResponse_setResponseHeader(char const*, char const*)
Also, please send some test cases to me privately, I've created the test
setup.
--
Thanks,
Feri.
More information about the Pkg-shibboleth-devel
mailing list