autofs/autofs-5.1.4-fix-use-after-free-in-parse_ldap_config.patch

35 lines
997 B
Diff

autofs-5.1.4 - fix use after free in parse_ldap_config()
From: Ian Kent <raven@themaw.net>
Commit a4a2af5f30 (covarity fixes) incorrecly frees local variable
authtype after assigning it to a lookup context structure member.
Signed-off-by: Ian Kent <raven@themaw.net>
---
CHANGELOG | 1 +
modules/lookup_ldap.c | 2 --
2 files changed, 1 insertion(+), 2 deletions(-)
--- autofs-5.1.4.orig/CHANGELOG
+++ autofs-5.1.4/CHANGELOG
@@ -33,6 +33,7 @@ xx/xx/2018 autofs-5.1.5
- set bind mount as propagation slave.
- add master map pseudo options for mount propagation.
- fix age setting at startup.
+- fix use after free in parse_ldap_config().
19/12/2017 autofs-5.1.4
- fix spec file url.
--- autofs-5.1.4.orig/modules/lookup_ldap.c
+++ autofs-5.1.4/modules/lookup_ldap.c
@@ -1383,8 +1383,6 @@ auth_fail:
user, secret ? "specified" : "unspecified",
client_princ, client_cc);
}
- if (authtype)
- free(authtype);
out:
xmlFreeDoc(doc);
if (auth_conf)