Date: Fri, 6 Feb 2015 22:18:15 +0000 (UTC)
From: Xin LI <delphij@FreeBSD.org>
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject: svn commit: r378558 - in head/net/openldap24-server: . files
Message-ID: <201502062218.t16MIF3w066999@svn.freebsd.org>
Author: delphij Date: Fri Feb 6 22:18:15 2015 New Revision: 378558 URL: https://svnweb.freebsd.org/changeset/ports/378558 QAT: https://qat.redports.org/buildarchive/r378558/ Log: Apply two upstream patches to address two remote DoS issues: - ITS8027: crash when a search includes the Deref control with an empty attribute list. - ITS8046: double free and crash by certain search queries using the Matched Values control. MFH: 2015Q1 Added: head/net/openldap24-server/files/patch-ITS8027 (contents, props changed) head/net/openldap24-server/files/patch-ITS8046 (contents, props changed) Modified: head/net/openldap24-server/Makefile Modified: head/net/openldap24-server/Makefile ============================================================================== --- head/net/openldap24-server/Makefile Fri Feb 6 22:04:17 2015 (r378557) +++ head/net/openldap24-server/Makefile Fri Feb 6 22:18:15 2015 (r378558) @@ -59,7 +59,7 @@ BROKEN= incompatible OpenLDAP version: .endif PORTREVISION_CLIENT= 1 -PORTREVISION_SERVER= 2 +PORTREVISION_SERVER= 3 OPENLDAP_SHLIB_MAJOR= 2 OPENLDAP_SHLIB_MINOR= 10.3 OPENLDAP_MAJOR= ${DISTVERSION:R} Added: head/net/openldap24-server/files/patch-ITS8027 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/openldap24-server/files/patch-ITS8027 Fri Feb 6 22:18:15 2015 (r378558) 
@@ -0,0 +1,26 @@ +From c32e74763f77675b9e144126e375977ed6dc562c Mon Sep 17 00:00:00 2001 +From: Howard Chu <hyc@openldap.org> +Date: Mon, 19 Jan 2015 22:25:53 +0000 +Subject: [PATCH] ITS#8027 require non-empty AttributeList + +--- + servers/slapd/overlays/deref.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git servers/slapd/overlays/deref.c servers/slapd/overlays/deref.c +index 9420e3e..05aa890 100644 +--- servers/slapd/overlays/deref.c ++++ servers/slapd/overlays/deref.c +@@ -183,7 +183,8 @@ deref_parseCtrl ( + ber_len_t cnt = sizeof(struct berval); + ber_len_t off = 0; + +- if ( ber_scanf( ber, "{m{M}}", &derefAttr, &attributes, &cnt, off ) == LBER_ERROR ) ++ if ( ber_scanf( ber, "{m{M}}", &derefAttr, &attributes, &cnt, off ) == LBER_ERROR ++ || !cnt ) + { + rs->sr_text = "Dereference control: derefSpec decoding error"; + rs->sr_err = LDAP_PROTOCOL_ERROR; +-- +1.7.10.4 + Added: head/net/openldap24-server/files/patch-ITS8046 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/openldap24-server/files/patch-ITS8046 Fri Feb 6 22:18:15 2015 (r378558) 
@@ -0,0 +1,34 @@ +From 2f1a2dd329b91afe561cd06b872d09630d4edb6a Mon Sep 17 00:00:00 2001 +From: Howard Chu <hyc@openldap.org> +Date: Wed, 4 Feb 2015 02:03:55 +0000 +Subject: [PATCH] ITS#8046 fix vrFilter_free + +--- + servers/slapd/filter.c | 10 +++------- + 1 file changed, 3 insertions(+), 7 deletions(-) + +diff --git servers/slapd/filter.c servers/slapd/filter.c +index b859f73..22c81c8 100644 +--- servers/slapd/filter.c ++++ servers/slapd/filter.c +@@ -1158,14 +1158,10 @@ get_vrFilter( Operation *op, BerElement *ber, + void + vrFilter_free( Operation *op, ValuesReturnFilter *vrf ) + { +- ValuesReturnFilter *p, *next; ++ ValuesReturnFilter *next; + +- if ( vrf == NULL ) { +- return; +- } +- +- for ( p = vrf; p != NULL; p = next ) { +- next = p->vrf_next; ++ for ( ; vrf != NULL; vrf = next ) { ++ next = vrf->vrf_next; + + switch ( vrf->vrf_choice & SLAPD_FILTER_MASK ) { + case LDAP_FILTER_PRESENT: +-- +1.7.10.4 +
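Review bot: In the `deref_parseCtrl` hunk of patch-ITS8027, the new `|| !cnt` test depends on `cnt` having been rewritten by `ber_scanf`, but `cnt` is initialised to `sizeof(struct berval)` a few lines above and nothing at the check says it now holds an element count. A short comment at the condition (for example, that `cnt` is the number of attributes decoded for the `{M}` part) would keep a later reader from treating the test as dead code. The empty-list case also reuses the text "Dereference control: derefSpec decoding error"; a distinct `rs->sr_text` would let a malformed control be told apart from an empty AttributeList. The hunk ends before any cleanup, so it is worth confirming that nothing stored through `&attributes` needs releasing on the new path, which is reached after `ber_scanf` has succeeded.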
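Review bot: In the `vrFilter_free` hunk of patch-ITS8046, the subject "fix vrFilter_free" and the log entry ("double free and crash") do not say what the defect was, and it is easy to miss in the diff: the removed loop advanced `p` (`next = p->vrf_next`) while the `switch` below it reads `vrf->vrf_choice`, so the loop cursor and the node being examined were different variables. Suggest stating that in the patch description or in a comment above the loop. The context stops at `case LDAP_FILTER_PRESENT:`, so the rest of the loop body should be checked for any remaining use of `p` and for each node being released only after `next` has been read. Dropping the `if ( vrf == NULL )` early return is fine, since `vrf != NULL` is now the loop condition.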