Date: Fri, 6 Feb 2015 22:20:11 +0000 (UTC) From: Xin LI <delphij@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r378559 - in branches/2015Q1/net/openldap24-server: . files Message-ID: <201502062220.t16MKB5f067571@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: delphij Date: Fri Feb 6 22:20:10 2015 New Revision: 378559 URL: https://svnweb.freebsd.org/changeset/ports/378559 QAT: https://qat.redports.org/buildarchive/r378559/ Log: MFH: r378558 Apply two upstream patches to address two remote DoS issues: - ITS8027: crash when a search includes the Deref control with an empty attribute list. - ITS8046: double free and crash by certain search queries using the Matched Values control. Approved by: ports-secteam@ Added: branches/2015Q1/net/openldap24-server/files/patch-ITS8027 - copied unchanged from r378558, head/net/openldap24-server/files/patch-ITS8027 branches/2015Q1/net/openldap24-server/files/patch-ITS8046 - copied unchanged from r378558, head/net/openldap24-server/files/patch-ITS8046 Modified: branches/2015Q1/net/openldap24-server/Makefile Directory Properties: branches/2015Q1/ (props changed) Modified: branches/2015Q1/net/openldap24-server/Makefile ============================================================================== --- branches/2015Q1/net/openldap24-server/Makefile Fri Feb 6 22:18:15 2015 (r378558) +++ branches/2015Q1/net/openldap24-server/Makefile Fri Feb 6 22:20:10 2015 (r378559) @@ -59,7 +59,7 @@ BROKEN= incompatible OpenLDAP version: .endif PORTREVISION_CLIENT= 1 -PORTREVISION_SERVER= 2 +PORTREVISION_SERVER= 3 OPENLDAP_SHLIB_MAJOR= 2 OPENLDAP_SHLIB_MINOR= 10.3 OPENLDAP_MAJOR= ${DISTVERSION:R} Copied: branches/2015Q1/net/openldap24-server/files/patch-ITS8027 (from r378558, head/net/openldap24-server/files/patch-ITS8027) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2015Q1/net/openldap24-server/files/patch-ITS8027 Fri Feb 6 22:20:10 2015 (r378559, copy of r378558, head/net/openldap24-server/files/patch-ITS8027) @@ -0,0 +1,26 @@ +From c32e74763f77675b9e144126e375977ed6dc562c Mon Sep 17 00:00:00 2001 +From: Howard Chu <hyc@openldap.org> +Date: Mon, 19 Jan 2015 22:25:53 +0000 +Subject: [PATCH] ITS#8027 require non-empty AttributeList + +--- + servers/slapd/overlays/deref.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git servers/slapd/overlays/deref.c servers/slapd/overlays/deref.c +index 9420e3e..05aa890 100644 +--- servers/slapd/overlays/deref.c ++++ servers/slapd/overlays/deref.c +@@ -183,7 +183,8 @@ deref_parseCtrl ( + ber_len_t cnt = sizeof(struct berval); + ber_len_t off = 0; + +- if ( ber_scanf( ber, "{m{M}}", &derefAttr, &attributes, &cnt, off ) == LBER_ERROR ) ++ if ( ber_scanf( ber, "{m{M}}", &derefAttr, &attributes, &cnt, off ) == LBER_ERROR ++ || !cnt ) + { + rs->sr_text = "Dereference control: derefSpec decoding error"; + rs->sr_err = LDAP_PROTOCOL_ERROR; +-- +1.7.10.4 + Copied: branches/2015Q1/net/openldap24-server/files/patch-ITS8046 (from r378558, head/net/openldap24-server/files/patch-ITS8046) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2015Q1/net/openldap24-server/files/patch-ITS8046 Fri Feb 6 22:20:10 2015 (r378559, copy of r378558, head/net/openldap24-server/files/patch-ITS8046) @@ -0,0 +1,34 @@ +From 2f1a2dd329b91afe561cd06b872d09630d4edb6a Mon Sep 17 00:00:00 2001 +From: Howard Chu <hyc@openldap.org> +Date: Wed, 4 Feb 2015 02:03:55 +0000 +Subject: [PATCH] ITS#8046 fix vrFilter_free + +--- + servers/slapd/filter.c | 10 +++------- + 1 file changed, 3 insertions(+), 7 deletions(-) + +diff --git servers/slapd/filter.c servers/slapd/filter.c +index b859f73..22c81c8 100644 +--- servers/slapd/filter.c ++++ servers/slapd/filter.c +@@ -1158,14 +1158,10 @@ get_vrFilter( Operation *op, BerElement *ber, + void + vrFilter_free( Operation *op, ValuesReturnFilter *vrf ) + { +- ValuesReturnFilter *p, *next; ++ ValuesReturnFilter *next; + +- if ( vrf == NULL ) { +- return; +- } +- +- for ( p = vrf; p != NULL; p = next ) { +- next = p->vrf_next; ++ for ( ; vrf != NULL; vrf = next ) { ++ next = vrf->vrf_next; + + switch ( vrf->vrf_choice & SLAPD_FILTER_MASK ) { + case LDAP_FILTER_PRESENT: +-- +1.7.10.4 +
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201502062220.t16MKB5f067571>