12717 - Resource leak - servers/plugins/uiduniq/uid.c 12692 - Use of untrusted string value - servers/slapd/task.c
git patch file (master) 0001-Ticket-47859-Coverity-12692-12717.patch
For defect 12692, resurrecting the fix made in this ticket: {{{ Revert "Revert "Ticket #47835 - Coverity: 12687..12692""
This reverts commit 8247976.
Note: It turned out this patch is necessary even if Coverity filter is enhanced.
12692 - Use of untrusted string value Description: lines read from the sysconfig reload task's attribute sysconfigfile (e.g., /etc/sysconfig/dirsrv-localhost) could be tainted. Check the end of the line more rigorously, and eliminate a chance to overflow env_var and env_value by copying the characters from read line. }}}
Reviewed by Rich (Thank you!!)
Pushed to master: 84477da..03f85ec master -> master commit 03f85ec
Sorry, fixing a compiler error... 03f85ec..42fa2e6 master -> master commit 42fa2e6
Metadata Update from @nhosoi: - Issue set to the milestone: 1.3.3 backlog
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/1190
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix (was: Fixed)
Login to comment on this ticket.