From: Hajimu UMEMOTO
Date: Wed, 23 Feb 2022 02:39:01 GMT
Message-Id: <202202230239.21N2d1YM067691@gitrepo.freebsd.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org
Subject: git: 06cfe2d77605 - 2022Q1 - security/cyrus-sasl2-sql: Escape password for SQL insert/update commands
List-Id: Commits to the quarterly branches of the FreeBSD ports repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-branches
X-Git-Committer: ume
X-Git-Repository: ports
X-Git-Refname: refs/heads/2022Q1
X-Git-Reftype: branch
X-Git-Commit: 06cfe2d77605996896f9c4f3615cac4dd92fa6b6

The branch 2022Q1 has been updated by ume:

URL:
https://cgit.FreeBSD.org/ports/commit/?id=06cfe2d77605996896f9c4f3615cac4dd92fa6b6 commit 06cfe2d77605996896f9c4f3615cac4dd92fa6b6 Author: Hajimu UMEMOTO AuthorDate: 2022-02-23 02:15:13 +0000 Commit: Hajimu UMEMOTO CommitDate: 2022-02-23 02:38:13 +0000 security/cyrus-sasl2-sql: Escape password for SQL insert/update commands Obtained from: https://github.com/cyrusimap/cyrus-sasl/commit/2d2e97b0eb53fa7f87a3bf1529d8f712dd954480 Security: CVE-2022-24407 (cherry picked from commit c4eb47c93f835c4e3349e9a97a13e50621beef6a) --- security/cyrus-sasl2-sql/Makefile | 1 + security/cyrus-sasl2/files/patch-plugins__sql.c | 66 +++++++++++++++++++++++++ 2 files changed, 67 insertions(+) diff --git a/security/cyrus-sasl2-sql/Makefile b/security/cyrus-sasl2-sql/Makefile index 471cc4038e0f..c8ef4ce4f261 100644 --- a/security/cyrus-sasl2-sql/Makefile +++ b/security/cyrus-sasl2-sql/Makefile @@ -1,4 +1,5 @@ PKGNAMESUFFIX= -sql +PORTREVISION= 1 COMMENT= SASL SQL plugins diff --git a/security/cyrus-sasl2/files/patch-plugins__sql.c b/security/cyrus-sasl2/files/patch-plugins__sql.c new file mode 100644 index 000000000000..1983317092bf --- /dev/null +++ b/security/cyrus-sasl2/files/patch-plugins__sql.c 
@@ -0,0 +1,66 @@ +--- plugins/sql.c.orig 2016-12-10 15:45:55 UTC ++++ plugins/sql.c +@@ -1150,6 +1150,7 @@ static int sql_auxprop_store(void *glob_context, + char *statement = NULL; + char *escap_userid = NULL; + char *escap_realm = NULL; ++ char *escap_passwd = NULL; + const char *cmd; + + sql_settings_t *settings; +@@ -1221,6 +1222,11 @@ static int sql_auxprop_store(void *glob_context, + "Unable to begin transaction\n"); + } + for (cur = to_store; ret == SASL_OK && cur->name; cur++) { ++ /* Free the buffer, current content is from previous loop. */ ++ if (escap_passwd) { ++ sparams->utils->free(escap_passwd); ++ escap_passwd = NULL; ++ } + + if (cur->name[0] == '*') { + continue; +@@ -1242,19 +1248,32 @@ static int sql_auxprop_store(void *glob_context, + } + sparams->utils->free(statement); + ++ if (cur->values[0]) { ++ escap_passwd = (char *)sparams->utils->malloc(strlen(cur->values[0])*2+1); ++ if (!escap_passwd) { ++ ret = SASL_NOMEM; ++ break; ++ } ++ settings->sql_engine->sql_escape_str(escap_passwd, cur->values[0]); ++ } ++ + /* create a statement that we will use */ + statement = sql_create_statement(cmd, cur->name, escap_userid, + escap_realm, +- cur->values && cur->values[0] ? +- cur->values[0] : SQL_NULL_VALUE, ++ escap_passwd ? ++ escap_passwd : SQL_NULL_VALUE, + sparams->utils); ++ if (!statement) { ++ ret = SASL_NOMEM; ++ break; ++ } + + { + char *log_statement = + sql_create_statement(cmd, cur->name, + escap_userid, + escap_realm, +- cur->values && cur->values[0] ? ++ escap_passwd ? 
+ "" : SQL_NULL_VALUE, + sparams->utils); + sparams->utils->log(sparams->utils->conn, SASL_LOG_DEBUG, +@@ -1287,6 +1306,7 @@ static int sql_auxprop_store(void *glob_context, + done: + if (escap_userid) sparams->utils->free(escap_userid); + if (escap_realm) sparams->utils->free(escap_realm); ++ if (escap_passwd) sparams->utils->free(escap_passwd); + if (conn) settings->sql_engine->sql_close(conn); + if (userid) sparams->utils->free(userid); + if (realm) sparams->utils->free(realm);
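Review bot: in the plugins/sql.c hunk at `@@ -1242,19 +1248,32 @@`, the new guard `if (cur->values[0]) {` drops the `cur->values &&` NULL check that the replaced ternary (`cur->values && cur->values[0] ? cur->values[0] : SQL_NULL_VALUE`) carried, so a property whose `values` pointer is NULL would now be dereferenced before the statement is built; keeping the original guard, i.e. `if (cur->values && cur->values[0]) {`, preserves the old behaviour while still routing the value through `sql_escape_str`. The `strlen(cur->values[0])*2+1` allocation in the same hunk also bakes in the assumption that every backend's `sql_escape_str` expands its input by at most a factor of two plus the terminator; a one-line comment at the `malloc` stating that contract would make it harder for a future engine to silently violate it.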