* gnu/packages/patches/openldap-CVE-2017-9287.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/openldap.scm (openldap)[replacement]: New field. (openldap/fixed): New variable.
		
			
				
	
	
		
		
	
	
	
	
	
| Fix CVE-2017-9287:
 | |
| 
 | |
| https://www.openldap.org/its/?findid=8655
 | |
| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9287
 | |
| 
 | |
| Patch copied from upstream source repository:
 | |
| 
 | |
| https://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=0cee1ffb6021b1aae3fcc9581699da1c85a6dd6e
 | |
| 
 | |
| From 0cee1ffb6021b1aae3fcc9581699da1c85a6dd6e Mon Sep 17 00:00:00 2001
 | |
| From: Ryan Tandy <ryan@nardis.ca>
 | |
| Date: Wed, 17 May 2017 20:07:39 -0700
 | |
| Subject: [PATCH] ITS#8655 fix double free on paged search with pagesize 0
 | |
| 
 | |
| Fixes a double free when a search includes the Paged Results control
 | |
| with a page size of 0 and the search base matches the filter.
 | |
| ---
 | |
|  servers/slapd/back-mdb/search.c | 3 ++-
 | |
|  1 file changed, 2 insertions(+), 1 deletion(-)
 | |
| 
 | |
| diff --git a/servers/slapd/back-mdb/search.c b/servers/slapd/back-mdb/search.c
 | |
| index 301d1a498c..43442aa242 100644
 | |
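--- a/servers/slapd/back-mdb/search.c
+++ b/servers/slapd/back-mdb/search.c
@@ -1066,7 +1066,8 @@ notfound:
 			/* check size limit */
 			if ( get_pagedresults(op) > SLAP_CONTROL_IGNORED ) {
 				if ( rs->sr_nentries >= ((PagedResultsState *)op->o_pagedresults_state)->ps_size ) {
-					mdb_entry_return( op, e );
+					if (e != base)
+						mdb_entry_return( op, e );
 					e = NULL;
 					send_paged_response( op, rs, &lastid, tentries );
 					goto done;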
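Review bot: The added `if (e != base)` guard has no comment recording why `base` must not be returned at this point, so the ownership rule behind the fix lives only in the commit message. Presumably `base` is released once on the exit path after `done:`, which lies outside this hunk, as do the start and end of the enclosing function. A line such as `/* base is released on the exit path; returning it here too was the ITS#8655 double free */` above the guard would keep a later cleanup from dropping it. The guard also departs from the spacing and bracing of the surrounding lines; `if ( e != base ) {`, `mdb_entry_return( op, e );`, `}` would match them. A regression test for a paged search with page size 0 whose base entry matches the filter would pin the fixed behaviour.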
 | |
| -- 
 | |
| 2.13.0
 | |
| 
 |