cgrzemba / 389-ds-base

Forked from 389-ds-base 5 years ago
Clone
Source Code
GIT

df8b979 Bugzilla 912964 - bug in handling of LDAPv3 control data

Authored and Committed by nhosoi 11 years ago
raw patch tree parent
13 files changed. 44 lines added. 30 lines removed.
ldap/servers/plugins/chainingdb/cb_controls.c
file modified
+2 -4
ldap/servers/plugins/chainingdb/cb_utils.c
file modified
+1 -1
ldap/servers/plugins/deref/deref.c
file modified
+1 -1
ldap/servers/plugins/dna/dna.c
file modified
+4 -3
ldap/servers/plugins/replication/repl5_total.c
file modified
+3 -3
ldap/servers/plugins/replication/repl_controls.c
file modified
+1 -1
ldap/servers/plugins/replication/repl_extop.c
file modified
+13 -8
ldap/servers/plugins/replication/windows_private.c
file modified
+7 -0
ldap/servers/slapd/back-ldbm/sort.c
file modified
+4 -5
ldap/servers/slapd/back-ldbm/vlv.c
file modified
+2 -2
ldap/servers/slapd/passwd_extop.c
file modified
+1 -1
ldap/servers/slapd/proxyauth.c
file modified
+1 -1
ldap/servers/slapd/slapi-plugin.h
file modified
+4 -0 
    Bugzilla 912964 - bug in handling of LDAPv3 control data
    
    Bug Description:
    If we receive an incorrect control, with non NULL bv_val but
    bv_len=0, it can trigger a crash.  This bug occurs because
    of a call of openldap ber_init with such incorrect control.
    
    Fix Description:
    Before calling ber_init, check that the control lenght is not 0.
    
    Note: checking in the patch on behalf of "Thierry bordaz"
    <tbordaz@redhat.com>
    
    https://bugzilla.redhat.com/show_bug.cgi?id=913228
    
    Reviewed by: rmeggins@redhat.com, nhosoi@redhat.com
    
    Platforms tested: Fedora 18, RHEL 6.4 (RHDS6.4)
    
    Flag Day: no
    
    Doc impact: possibly document a security bug
file modified
+2 -4
file modified
+1 -1
file modified
+1 -1
file modified
+4 -3
file modified
+3 -3
file modified
+1 -1
file modified
+13 -8
file modified
+7 -0
file modified
+4 -5
file modified
+2 -2
file modified
+1 -1
file modified
+1 -1
file modified
+4 -0
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.