svn commit: r378558 - in head/net/openldap24-server: . files
Xin LI
delphij at FreeBSD.org
Fri Feb 6 22:18:17 UTC 2015
Author: delphij
Date: Fri Feb 6 22:18:15 2015
New Revision: 378558
URL: https://svnweb.freebsd.org/changeset/ports/378558
QAT: https://qat.redports.org/buildarchive/r378558/
Log:
Apply two upstream patches to address two remote DoS issues:
- ITS8027: crash when a search includes the Deref control with an
empty attribute list.
- ITS8046: double free and crash by certain search queries using
the Matched Values control.
MFH: 2015Q1
Added:
head/net/openldap24-server/files/patch-ITS8027 (contents, props changed)
head/net/openldap24-server/files/patch-ITS8046 (contents, props changed)
Modified:
head/net/openldap24-server/Makefile
Modified: head/net/openldap24-server/Makefile
==============================================================================
--- head/net/openldap24-server/Makefile Fri Feb 6 22:04:17 2015 (r378557)
+++ head/net/openldap24-server/Makefile Fri Feb 6 22:18:15 2015 (r378558)
@@ -59,7 +59,7 @@ BROKEN= incompatible OpenLDAP version:
.endif
PORTREVISION_CLIENT= 1
-PORTREVISION_SERVER= 2
+PORTREVISION_SERVER= 3
OPENLDAP_SHLIB_MAJOR= 2
OPENLDAP_SHLIB_MINOR= 10.3
OPENLDAP_MAJOR= ${DISTVERSION:R}
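Review bot: nothing in this commit's file list records the two remote DoS issues for vulnerability auditing, and the PORTREVISION_SERVER bump alone does not tell pkg audit that revisions 2 and earlier are affected. If a security/vuxml entry has not been committed separately, add one. Bumping only the server revision and leaving PORTREVISION_CLIENT at 1 is consistent with both patches touching servers/slapd.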
Added: head/net/openldap24-server/files/patch-ITS8027
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/openldap24-server/files/patch-ITS8027 Fri Feb 6 22:18:15 2015 (r378558)
@@ -0,0 +1,26 @@
+From c32e74763f77675b9e144126e375977ed6dc562c Mon Sep 17 00:00:00 2001
+From: Howard Chu <hyc at openldap.org>
+Date: Mon, 19 Jan 2015 22:25:53 +0000
+Subject: [PATCH] ITS#8027 require non-empty AttributeList
+
+---
+ servers/slapd/overlays/deref.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git servers/slapd/overlays/deref.c servers/slapd/overlays/deref.c
+index 9420e3e..05aa890 100644
+--- servers/slapd/overlays/deref.c
++++ servers/slapd/overlays/deref.c
+@@ -183,7 +183,8 @@ deref_parseCtrl (
+ ber_len_t cnt = sizeof(struct berval);
+ ber_len_t off = 0;
+
+- if ( ber_scanf( ber, "{m{M}}", &derefAttr, &attributes, &cnt, off ) == LBER_ERROR )
++ if ( ber_scanf( ber, "{m{M}}", &derefAttr, &attributes, &cnt, off ) == LBER_ERROR
++ || !cnt )
+ {
+ rs->sr_text = "Dereference control: derefSpec decoding error";
+ rs->sr_err = LDAP_PROTOCOL_ERROR;
+--
+1.7.10.4
+
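Review bot: in deref_parseCtrl the new `|| !cnt` test depends on ber_scanf having replaced cnt, which is initialised to sizeof(struct berval) a few lines above, with the number of attributes it decoded; a one-line comment saying so would keep a later reader from treating the check as dead code. The empty-list rejection also shares the "Dereference control: derefSpec decoding error" text with a genuine decoding failure, so consider a distinct sr_text for the empty AttributeList case to make rejected requests distinguishable in logs.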
Added: head/net/openldap24-server/files/patch-ITS8046
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/openldap24-server/files/patch-ITS8046 Fri Feb 6 22:18:15 2015 (r378558)
@@ -0,0 +1,34 @@
+From 2f1a2dd329b91afe561cd06b872d09630d4edb6a Mon Sep 17 00:00:00 2001
+From: Howard Chu <hyc at openldap.org>
+Date: Wed, 4 Feb 2015 02:03:55 +0000
+Subject: [PATCH] ITS#8046 fix vrFilter_free
+
+---
+ servers/slapd/filter.c | 10 +++-------
+ 1 file changed, 3 insertions(+), 7 deletions(-)
+
+diff --git servers/slapd/filter.c servers/slapd/filter.c
+index b859f73..22c81c8 100644
+--- servers/slapd/filter.c
++++ servers/slapd/filter.c
+@@ -1158,14 +1158,10 @@ get_vrFilter( Operation *op, BerElement *ber,
+ void
+ vrFilter_free( Operation *op, ValuesReturnFilter *vrf )
+ {
+- ValuesReturnFilter *p, *next;
++ ValuesReturnFilter *next;
+
+- if ( vrf == NULL ) {
+- return;
+- }
+-
+- for ( p = vrf; p != NULL; p = next ) {
+- next = p->vrf_next;
++ for ( ; vrf != NULL; vrf = next ) {
++ next = vrf->vrf_next;
+
+ switch ( vrf->vrf_choice & SLAPD_FILTER_MASK ) {
+ case LDAP_FILTER_PRESENT:
+--
+1.7.10.4
+
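Review bot: the part of the vrFilter_free loop body below the switch is outside this hunk, so confirm that it releases the current node through vrf and only after next has been saved. The old loop advanced p while the switch read vrf->vrf_choice, so each iteration acted on the list head rather than the node being visited, and the rest of the body needs to follow the new iteration variable in the same way. Dropping the explicit NULL return is fine because the `vrf != NULL` loop condition already covers an empty list. A regression test that frees a filter list with more than one item would pin this behaviour down.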