Hello community,

here is the log from the commit of package openldap2 for openSUSE:Factory 
checked in at 2020-01-12 23:18:27
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/openldap2 (Old)
 and      /work/SRC/openSUSE:Factory/.openldap2.new.6675 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "openldap2"

Sun Jan 12 23:18:27 2020 rev:150 rq:762858 version:unknown

Changes:
--------
--- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes      2020-01-03 
17:36:09.871270414 +0100
+++ /work/SRC/openSUSE:Factory/.openldap2.new.6675/openldap2.changes    
2020-01-12 23:19:11.202700794 +0100
@@ -1,0 +2,7 @@
+Fri Jan 10 13:16:40 UTC 2020 - Michael Ströder <mich...@stroeder.com>
+
+- added back-port patch
+  0013_openldap-its9124_fix_crash_with_cancel_exop.patch
+  to fix OpenLDAP ITS#9124
+
+-------------------------------------------------------------------

New:
----
  0013_openldap-its9124_fix_crash_with_cancel_exop.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ openldap2.spec ++++++
--- /var/tmp/diff_new_pack.k7sw2C/_old  2020-01-12 23:19:14.318701946 +0100
+++ /var/tmp/diff_new_pack.k7sw2C/_new  2020-01-12 23:19:14.350701958 +0100
@@ -63,6 +63,7 @@
 Patch8:         0008-In-monitor-backend-do-not-return-Connection0-entries.patch
 Patch9:         0009-Fix-ldap-host-lookup-ipv6.patch
 Patch11:        0011-openldap-re24-its7796.patch
+Patch13:        0013_openldap-its9124_fix_crash_with_cancel_exop.patch
 Patch15:        openldap-r-only.dif
 Patch16:        0016-Clear-shared-key-only-in-close-function.patch
 Source200:      
%{name_ppolicy_check_module}-%{version_ppolicy_check_module}.tar.gz
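Review bot: The new `Patch13:` line carries a security-relevant backport but records nothing about where it came from, and the patch file itself starts directly at its `---` header with no description. A one-line comment above the entry would let a later reviewer check the backport against upstream, for example `# PATCH-FIX-UPSTREAM ITS#9124 crash in cancel exop, upstream commit <commit id>`. The ITS number appears only in the .changes entry, so it is lost once the spec is read on its own.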
@@ -258,6 +259,7 @@
 %patch8 -p1
 %patch9 -p1
 %patch11 -p1
+%patch13 -p1
 %patch15 -p1
 %patch16 -p1
 cp %{SOURCE5} .

++++++ 0013_openldap-its9124_fix_crash_with_cancel_exop.patch ++++++
--- openldap-2.4.48.orig/servers/slapd/cancel.c 2019-07-23 16:46:22.000000000 
+0200
+++ openldap-2.4.48/servers/slapd/cancel.c      2020-01-10 13:15:53.884714390 
+0100
@@ -2,7 +2,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2019 The OpenLDAP Foundation.
+ * Copyright 1998-2020 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -34,7 +34,8 @@
        Operation *o;
        int rc;
        int opid;
-       BerElement *ber;
+       BerElementBuffer berbuf;
+       BerElement *ber = (BerElement *)&berbuf;
 
        assert( ber_bvcmp( &slap_EXOP_CANCEL, &op->ore_reqoid ) == 0 );
 
@@ -43,19 +44,19 @@
                return LDAP_PROTOCOL_ERROR;
        }
 
-       ber = ber_init( op->ore_reqdata );
-       if ( ber == NULL ) {
-               rs->sr_text = "internal error";
-               return LDAP_OTHER;
+       if ( op->ore_reqdata->bv_len == 0 ) {
+               rs->sr_text = "empty request data field";
+               return LDAP_PROTOCOL_ERROR;
        }
 
+       /* ber_init2 uses reqdata directly, doesn't allocate new buffers */
+       ber_init2( ber, op->ore_reqdata, 0 );
+
        if ( ber_scanf( ber, "{i}", &opid ) == LBER_ERROR ) {
                rs->sr_text = "message ID parse failed";
                return LDAP_PROTOCOL_ERROR;
        }
 
-       (void) ber_free( ber, 1 );
-
        Statslog( LDAP_DEBUG_STATS, "%s CANCEL msg=%d\n",
                op->o_log_prefix, opid, 0, 0, 0 );
 
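Review bot: The comment above `ber_init2( ber, op->ore_reqdata, 0 );` says the element uses reqdata directly, but not the consequence a maintainer needs to know. `ber` now points at the stack `berbuf` declared in the previous hunk and borrows the request buffer, so it must never be passed to `ber_free()` or kept after the function returns. I would extend the comment to say so, e.g. `/* ber is stack-backed (berbuf) and borrows reqdata: never ber_free() it, never keep it past this call */`, so that nobody restores the removed `(void) ber_free( ber, 1 );`. The new `op->ore_reqdata->bv_len == 0` test also dereferences `ore_reqdata`; it presumably relies on a NULL check in the block that ends just above this hunk, which is not visible here and is worth confirming. The enclosing function starts and ends outside the hunk.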
