cgrzemba / 389-ds-base

Forked from 389-ds-base 5 years ago
Clone

8960914 Ticket #47605 CVE-2013-4485: DoS due to improper handling of ger attr searches

Authored and Committed by rmeggins 10 years ago
    Ticket #47605 CVE-2013-4485: DoS due to improper handling of ger attr searches
    
    https://fedorahosted.org/389/ticket/47605
    Reviewed by: nhosoi (Thanks!)
    Branch: 389-ds-base-1.3.1
    Fix Description: The traversal of the attr list looking for GER objectclasses
    was modifying the same attribute twice, removing the "@" from it.  The second
    time, since there was no "@" in the string, the strchr would return NULL, and
    the code would not check for it.
    The code was simplified and rewritten to use charray_merge_nodup
    to build the gerattrs list with unique objectclass values, which I believe was
    the intention of the original code.  I also added some error checking to look
    for invalid attributes like "@name" "name@" and "name@name@name".
    Platforms tested: RHEL6 x86_64
    Flag Day: no
    Doc impact: no
    (cherry picked from commit 7e03702932546e74f0044d11832e7e7e395cbb36)
    (cherry picked from commit 12e54af6982ab5406f4bba6a02dd0724a0415501)
    (cherry picked from commit 8c5e74b291d08c66e0afbf766f77f955725b9bf4)
    
        
file modified
+16 -63