#51014 slapi_pal.c may have buffer overflow in cgroup path set
Closed: wontfix 3 years ago by firstyear. Opened 3 years ago by firstyear.

Issue Description

[  226s] I: Statement might potentially overflow a destination buffer, where a size larger
[  226s]     than the actual buffer was specified
[  226s] E: 389-ds destbufferoverflow ldap/servers/slapd/slapi_pal.c:249:26

This was detected as part of the internal suse build process. This is a low risk for security due to the need to manipulate /proc/self/cgroup, but we should still fix it.

This also requires backport to 1.4.2 series for our support.

Metadata Update from @firstyear:
- Custom field origin adjusted to None
- Custom field reviewstatus adjusted to None

3 years ago

Metadata Update from @firstyear:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

3 years ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/389ds/389-ds-base/issues/4067

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: fixed)

3 years ago

Login to comment on this ticket.