diff --git a/0013_openldap-its9124_fix_crash_with_cancel_exop.patch b/0013_openldap-its9124_fix_crash_with_cancel_exop.patch
new file mode 100644
index 0000000..4bec781
--- /dev/null
+++ b/0013_openldap-its9124_fix_crash_with_cancel_exop.patch
@@ -0,0 +1,47 @@
+--- openldap-2.4.48.orig/servers/slapd/cancel.c 2019-07-23 16:46:22.000000000 +0200
++++ openldap-2.4.48/servers/slapd/cancel.c 2020-01-10 13:15:53.884714390 +0100
+@@ -2,7 +2,7 @@
+ /* $OpenLDAP$ */
+ /* This work is part of OpenLDAP Software .
+ *
+- * Copyright 1998-2019 The OpenLDAP Foundation.
++ * Copyright 1998-2020 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -34,7 +34,8 @@
+ Operation *o;
+ int rc;
+ int opid;
+- BerElement *ber;
++ BerElementBuffer berbuf;
++ BerElement *ber = (BerElement *)&berbuf;
+
+ assert( ber_bvcmp( &slap_EXOP_CANCEL, &op->ore_reqoid ) == 0 );
+
+@@ -43,19 +44,19 @@
+ return LDAP_PROTOCOL_ERROR;
+ }
+
+- ber = ber_init( op->ore_reqdata );
+- if ( ber == NULL ) {
+- rs->sr_text = "internal error";
+- return LDAP_OTHER;
++ if ( op->ore_reqdata->bv_len == 0 ) {
++ rs->sr_text = "empty request data field";
++ return LDAP_PROTOCOL_ERROR;
+ }
+
++ /* ber_init2 uses reqdata directly, doesn't allocate new buffers */
++ ber_init2( ber, op->ore_reqdata, 0 );
++
+ if ( ber_scanf( ber, "{i}", &opid ) == LBER_ERROR ) {
+ rs->sr_text = "message ID parse failed";
+ return LDAP_PROTOCOL_ERROR;
+ }
+
+- (void) ber_free( ber, 1 );
+-
+ Statslog( LDAP_DEBUG_STATS, "%s CANCEL msg=%d\n",
+ op->o_log_prefix, opid, 0, 0, 0 );
+
diff --git a/openldap2.changes b/openldap2.changes
index 1d3c90f..aac63cd 100644
--- a/openldap2.changes
+++ b/openldap2.changes
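Review bot: The comment added above `ber_init2( ber, op->ore_reqdata, 0 )` says no buffer is allocated but leaves out the constraint that follows from it: `ber` now lives in the stack `berbuf` and borrows the client-supplied `op->ore_reqdata`, so it must never reach `ber_free()` and must not be kept past this call. I would extend it to `/* ber lives in berbuf on the stack and borrows op->ore_reqdata: never ber_free() it, never keep it past this call */`, because a later edit that restores the removed `ber_free( ber, 1 )` would hand stack memory to the allocator. The new `bv_len == 0` test dereferences `op->ore_reqdata`; the NULL guard for it is presumably the block whose tail opens the third inner hunk, but the enclosing function starts and ends outside the hunks, so that is worth confirming against the 2.4.48 source. Separately, the first inner hunk only bumps the copyright year and could be dropped from the back-port so the patch carries nothing but the fix.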
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Fri Jan 10 13:16:40 UTC 2020 - Michael Ströder
+
+- added back-port patch
+ 0013_openldap-its9124_fix_crash_with_cancel_exop.patch
+ to fix OpenLDAP ITS#9124
+
 -------------------------------------------------------------------
 Sun Dec 22 14:44:19 UTC 2019 - Michael Ströder
 
diff --git a/openldap2.spec b/openldap2.spec
index 65b8cc4..423f8cf 100644
--- a/openldap2.spec
+++ b/openldap2.spec
@@ -63,6 +63,7 @@ Patch7: 0007-Recover-on-DB-version-change.dif
 Patch8: 0008-In-monitor-backend-do-not-return-Connection0-entries.patch
 Patch9: 0009-Fix-ldap-host-lookup-ipv6.patch
 Patch11: 0011-openldap-re24-its7796.patch
+Patch13: 0013_openldap-its9124_fix_crash_with_cancel_exop.patch
 Patch15: openldap-r-only.dif
 Patch16: 0016-Clear-shared-key-only-in-close-function.patch
 Source200: %{name_ppolicy_check_module}-%{version_ppolicy_check_module}.tar.gz
@@ -258,6 +259,7 @@ gzip -k %{S:203}
 %patch8 -p1
 %patch9 -p1
 %patch11 -p1
+%patch13 -p1
 %patch15 -p1
 %patch16 -p1
 cp %{SOURCE5} .