!90 fix cve-2023-2953
From: @compile_success Reviewed-by: @gebidelidaye Signed-off-by: @gebidelidaye
This commit is contained in:
openeuler-ci-bot
Gitee
commit
7302a1ff55
70
backport-ITS-9904-check-for-strdup-failure.patch
Normal file
70
backport-ITS-9904-check-for-strdup-failure.patch
Normal file
@ -0,0 +1,70 @@
|
||||
From 3f2abd0b2eeec8522e50d5c4ea4992e70e8f9915 Mon Sep 17 00:00:00 2001
|
||||
From: Howard Chu <hyc@openldap.org>
|
||||
Date: Thu, 25 Aug 2022 16:13:21 +0100
|
||||
Subject: [PATCH] ITS#9904 ldap_url_parsehosts: check for strdup failure
|
||||
|
||||
Avoid unnecessary strdup in IPv6 addr parsing, check for strdup
|
||||
failure when dup'ing scheme.
|
||||
|
||||
Code present since 2000, 8da110a9e726dbc612b302feafe0109271e6bc59
|
||||
---
|
||||
libraries/libldap/url.c | 21 ++++++++++++---------
|
||||
1 file changed, 12 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/libraries/libldap/url.c b/libraries/libldap/url.c
|
||||
index 7e56564265..8df0abd044 100644
|
||||
--- a/libraries/libldap/url.c
|
||||
+++ b/libraries/libldap/url.c
|
||||
@@ -1386,24 +1386,22 @@ ldap_url_parsehosts(
|
||||
}
|
||||
ludp->lud_port = port;
|
||||
ludp->lud_host = specs[i];
|
||||
- specs[i] = NULL;
|
||||
p = strchr(ludp->lud_host, ':');
|
||||
if (p != NULL) {
|
||||
/* more than one :, IPv6 address */
|
||||
if ( strchr(p+1, ':') != NULL ) {
|
||||
/* allow [address] and [address]:port */
|
||||
if ( *ludp->lud_host == '[' ) {
|
||||
- p = LDAP_STRDUP(ludp->lud_host+1);
|
||||
- /* copied, make sure we free source later */
|
||||
- specs[i] = ludp->lud_host;
|
||||
- ludp->lud_host = p;
|
||||
- p = strchr( ludp->lud_host, ']' );
|
||||
+ p = strchr( ludp->lud_host+1, ']' );
|
||||
if ( p == NULL ) {
|
||||
LDAP_FREE(ludp);
|
||||
ldap_charray_free(specs);
|
||||
return LDAP_PARAM_ERROR;
|
||||
}
|
||||
- *p++ = '\0';
|
||||
+ /* Truncate trailing ']' and shift hostname down 1 char */
|
||||
+ *p = '\0';
|
||||
+ AC_MEMCPY( ludp->lud_host, ludp->lud_host+1, p - ludp->lud_host );
|
||||
+ p++;
|
||||
if ( *p != ':' ) {
|
||||
if ( *p != '\0' ) {
|
||||
LDAP_FREE(ludp);
|
||||
@@ -1429,14 +1427,19 @@ ldap_url_parsehosts(
|
||||
}
|
||||
}
|
||||
}
|
||||
- ldap_pvt_hex_unescape(ludp->lud_host);
|
||||
ludp->lud_scheme = LDAP_STRDUP("ldap");
|
||||
+ if ( ludp->lud_scheme == NULL ) {
|
||||
+ LDAP_FREE(ludp);
|
||||
+ ldap_charray_free(specs);
|
||||
+ return LDAP_NO_MEMORY;
|
||||
+ }
|
||||
+ specs[i] = NULL;
|
||||
+ ldap_pvt_hex_unescape(ludp->lud_host);
|
||||
ludp->lud_next = *ludlist;
|
||||
*ludlist = ludp;
|
||||
}
|
||||
|
||||
/* this should be an array of NULLs now */
|
||||
- /* except entries starting with [ */
|
||||
ldap_charray_free(specs);
|
||||
return LDAP_SUCCESS;
|
||||
}
|
||||
--
|
||||
@ -0,0 +1,26 @@
|
||||
From ea8dd2d279c5aeaf9d4672a4e95bebd99babcce1 Mon Sep 17 00:00:00 2001
|
||||
From: Howard Chu <hyc@openldap.org>
|
||||
Date: Wed, 24 Aug 2022 14:40:51 +0100
|
||||
Subject: [PATCH] ITS#9904 ldif_open_url: check for ber_strdup failure
|
||||
|
||||
Code present since 1999, df8f7cbb9b79be3be9205d116d1dd0b263d6861a
|
||||
---
|
||||
libraries/libldap/fetch.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/libraries/libldap/fetch.c b/libraries/libldap/fetch.c
|
||||
index 9e426dc64..536871bcf 100644
|
||||
--- a/libraries/libldap/fetch.c
|
||||
+++ b/libraries/libldap/fetch.c
|
||||
@@ -69,6 +69,8 @@ ldif_open_url(
|
||||
}
|
||||
|
||||
p = ber_strdup( urlstr );
|
||||
+ if ( p == NULL )
|
||||
+ return NULL;
|
||||
|
||||
/* But we should convert to LDAP_DIRSEP before use */
|
||||
if ( LDAP_DIRSEP[0] != '/' ) {
|
||||
--
|
||||
2.33.0
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
Name: openldap
|
||||
Version: 2.4.50
|
||||
Release: 7
|
||||
Release: 8
|
||||
Summary: LDAP support libraries
|
||||
License: OpenLDAP
|
||||
URL: https://www.openldap.org/
|
||||
@ -65,6 +65,8 @@ Patch44: CVE-2021-27212.patch
|
||||
Patch45: CVE-2020-25709.patch
|
||||
Patch46: CVE-2020-25710.patch
|
||||
Patch47: backport-fix-cve-2022-29155.patch
|
||||
Patch48: backport-ITS-9904-check-for-strdup-failure.patch
|
||||
Patch49: backport-ITS-9904-ldif_open_url-check-for-ber_strdup-failure.patch
|
||||
|
||||
BuildRequires: cyrus-sasl-devel openssl-devel krb5-devel unixODBC-devel chrpath
|
||||
BuildRequires: glibc-devel libtool libtool-ltdl-devel groff perl-interpreter perl-devel perl-generators perl-ExtUtils-Embed
|
||||
@ -177,6 +179,8 @@ AUTOMAKE=%{_bindir}/true autoreconf -fi
|
||||
%patch45 -p1
|
||||
%patch46 -p1
|
||||
%patch47 -p1
|
||||
%patch48 -p1
|
||||
%patch49 -p1
|
||||
|
||||
ln -s ../../../contrib/slapd-modules/smbk5pwd/smbk5pwd.c servers/slapd/overlays
|
||||
mv contrib/slapd-modules/smbk5pwd/README contrib/slapd-modules/smbk5pwd/README.smbk5pwd
|
||||
@ -459,6 +463,9 @@ popd
|
||||
%doc ltb-project-openldap-ppolicy-check-password-1.1/README.check_pwd
|
||||
|
||||
%changelog
|
||||
* Wed Jun 7 2023 zhujunhao <zhujunhao11@huawei.com> - 2.4.50-8
|
||||
- fix CVE-2023-2953
|
||||
|
||||
* Mon May 16 2022 zhujunhao <zhujunhao11@huawei.com> - 2.4.50-7
|
||||
- fix CVE-2022-29155
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user