diff options
| author | A. Wilcox <AWilcox@Wilcox-Tech.com> | 2018-06-08 02:02:24 -0500 |
|---|---|---|
| committer | A. Wilcox <AWilcox@Wilcox-Tech.com> | 2018-06-08 02:02:24 -0500 |
| commit | fd2bb2f751c13b3c0c002b8e012810902b9da364 (patch) | |
| tree | 17b2e38c966c9f96cfa568c1f572261a289590e6 /system/openldap/CVE-2017-9287.patch | |
| parent | b0a5136bf3326ba38b360be288d06f9a27f2a4d2 (diff) | |
| download | packages-fd2bb2f751c13b3c0c002b8e012810902b9da364.tar.gz packages-fd2bb2f751c13b3c0c002b8e012810902b9da364.tar.bz2 packages-fd2bb2f751c13b3c0c002b8e012810902b9da364.tar.xz packages-fd2bb2f751c13b3c0c002b8e012810902b9da364.zip | |
harmony -> system
Diffstat (limited to 'system/openldap/CVE-2017-9287.patch')
| -rw-r--r-- | system/openldap/CVE-2017-9287.patch | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/system/openldap/CVE-2017-9287.patch b/system/openldap/CVE-2017-9287.patch new file mode 100644 index 000000000..1599c1331 --- /dev/null +++ b/system/openldap/CVE-2017-9287.patch @@ -0,0 +1,28 @@ +From 0cee1ffb6021b1aae3fcc9581699da1c85a6dd6e Mon Sep 17 00:00:00 2001 +From: Ryan Tandy <ryan@nardis.ca> +Date: Wed, 17 May 2017 20:07:39 -0700 +Subject: [PATCH] ITS#8655 fix double free on paged search with pagesize 0 + +Fixes a double free when a search includes the Paged Results control +with a page size of 0 and the search base matches the filter. +--- + servers/slapd/back-mdb/search.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/servers/slapd/back-mdb/search.c b/servers/slapd/back-mdb/search.c +index 301d1a4..43442aa 100644 +--- a/servers/slapd/back-mdb/search.c ++++ b/servers/slapd/back-mdb/search.c +@@ -1066,7 +1066,8 @@ notfound: + /* check size limit */ + if ( get_pagedresults(op) > SLAP_CONTROL_IGNORED ) { + if ( rs->sr_nentries >= ((PagedResultsState *)op->o_pagedresults_state)->ps_size ) { +- mdb_entry_return( op, e ); ++ if (e != base) ++ mdb_entry_return( op, e ); + e = NULL; + send_paged_response( op, rs, &lastid, tentries ); + goto done; +-- +1.7.10.4 + |