Re: (ITS#8674) Leak in ldap_create_assertion_control



Hello,

I encountered this bug as well while adding controls support into php-ldap (see https://github.com/php/php-src/pull/2640 - WIP).
I used the workaround but it would still be better to fix this in OpenLDAP.

Please consider merging the attached patch.

From 59e15d7cd5217312fcc6e3343476416a39cdc739 Mon Sep 17 00:00:00 2001
From: Côme Chilliet <come@opensides.be>
Date: Thu, 7 Sep 2017 17:11:57 +0200
Subject: [PATCH] Fixing #8674 Leak in ldap_create_assertion_control

ldap_create_assertion_control_value was returning ld->ld_errno
 upon success without resetting it to LDAP_SUCCESS first
---
 libraries/libldap/assertion.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/libraries/libldap/assertion.c b/libraries/libldap/assertion.c
index 8ccd5c188..e736d59eb 100644
--- a/libraries/libldap/assertion.c
+++ b/libraries/libldap/assertion.c
@@ -31,6 +31,8 @@ ldap_create_assertion_control_value(
 	BerElement		*ber = NULL;
 	int			err;
 
+	ld->ld_errno = LDAP_SUCCESS;
+
 	if ( assertion == NULL || assertion[ 0 ] == '\0' ) {
 		ld->ld_errno = LDAP_PARAM_ERROR;
 		return ld->ld_errno;
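Review bot: The added `ld->ld_errno = LDAP_SUCCESS;` at the top of ldap_create_assertion_control_value has no comment, and the commit subject says "Leak" while the body only describes a stale error code being returned on success. A one-line comment above the assignment (the function returns ld->ld_errno, so it has to start from LDAP_SUCCESS) and a sentence in the commit message tying the stale return value to the leak in #8674 would make the fix self-explanatory. The assignment dereferences `ld` before any check, as the existing LDAP_PARAM_ERROR branch already does, so an explicit check or assertion on `ld` ahead of it would be worth considering. The success return is outside this hunk, so please confirm that every later return path either sets ld_errno itself or is correct with this initial value.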
-- 
2.11.0

