389-ds-base

Clone
Source Code
GIT

13f8dc7 Issue 51054 - AddressSanitizer: heap-buffer-overflow in ldap_utf8prev

Authored and Committed by mreynolds 3 years ago
raw patch tree parent
2 files changed. 31 lines added. 7 lines removed.
dirsrvtests/tests/suites/acl/syntax_test.py
file modified
+2 -2
ldap/servers/plugins/acl/aclparse.c
file modified
+29 -5 
    Issue 51054 - AddressSanitizer: heap-buffer-overflow in ldap_utf8prev
    
    Bug Description:  Adding an invalid/double equal sign when setting the
                      target/targetattr/targetfilter will cause a heap "underflow":
    
                            targetfilter=="(uid=*)"
    
    Fix description:  Detect and reject these invalid ACI syntaxes before we
                      "underflow".  Simply check if the character after the first
                      equal sign is a double quote, as that is the only possible
                      next valid character in a valid ACI.
    
    fixes: https://pagure.io/389-ds-base/issue/51054
    
    Reviewed by: firstyear(Thanks!)
file modified
+2 -2
file modified
+29 -5
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.