curl/0001-curl-7.75.0-ldaps-segv.patch

From 17686d25019489f43f3d5641db8683932857845e Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 15 Feb 2021 09:41:22 +0100
Subject: [PATCH 1/2] openldap: pass 'data' to the callbacks instead of 'conn'

Upstream-commit: a59c33ceffb8f78b71fa084bbc99c94ecfe82ce6
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
---
 lib/openldap.c | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/lib/openldap.c b/lib/openldap.c
index 4070bbf..d079822 100644
--- a/lib/openldap.c
+++ b/lib/openldap.c
@@ -278,7 +278,7 @@ static CURLcode ldap_connecting(struct Curl_easy *data, bool *done)
     if(!li->sslinst) {
       Sockbuf *sb;
       ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb);
-      ber_sockbuf_add_io(sb, &ldapsb_tls, LBER_SBIOD_LEVEL_TRANSPORT, conn);
+      ber_sockbuf_add_io(sb, &ldapsb_tls, LBER_SBIOD_LEVEL_TRANSPORT, data);
       li->sslinst = TRUE;
       li->recv = conn->recv[FIRSTSOCKET];
       li->send = conn->send[FIRSTSOCKET];
@@ -716,8 +716,8 @@ ldapsb_tls_ctrl(Sockbuf_IO_Desc *sbiod, int opt, void *arg)
 {
   (void)arg;
   if(opt == LBER_SB_OPT_DATA_READY) {
-    struct connectdata *conn = sbiod->sbiod_pvt;
-    return Curl_ssl_data_pending(conn, FIRSTSOCKET);
+    struct Curl_easy *data = sbiod->sbiod_pvt;
+    return Curl_ssl_data_pending(data->conn, FIRSTSOCKET);
   }
   return 0;
 }
@@ -725,12 +725,13 @@ ldapsb_tls_ctrl(Sockbuf_IO_Desc *sbiod, int opt, void *arg)
 static ber_slen_t
 ldapsb_tls_read(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
 {
-  struct connectdata *conn = sbiod->sbiod_pvt;
+  struct Curl_easy *data = sbiod->sbiod_pvt;
+  struct connectdata *conn = data->conn;
   struct ldapconninfo *li = conn->proto.ldapc;
   ber_slen_t ret;
   CURLcode err = CURLE_RECV_ERROR;
 
-  ret = (li->recv)(conn->data, FIRSTSOCKET, buf, len, &err);
+  ret = (li->recv)(data, FIRSTSOCKET, buf, len, &err);
   if(ret < 0 && err == CURLE_AGAIN) {
     SET_SOCKERRNO(EWOULDBLOCK);
   }
@@ -740,12 +741,13 @@ ldapsb_tls_read(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
 static ber_slen_t
 ldapsb_tls_write(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
 {
-  struct connectdata *conn = sbiod->sbiod_pvt;
+  struct Curl_easy *data = sbiod->sbiod_pvt;
+  struct connectdata *conn = data->conn;
   struct ldapconninfo *li = conn->proto.ldapc;
   ber_slen_t ret;
   CURLcode err = CURLE_SEND_ERROR;
 
-  ret = (li->send)(conn->data, FIRSTSOCKET, buf, len, &err);
+  ret = (li->send)(data, FIRSTSOCKET, buf, len, &err);
   if(ret < 0 && err == CURLE_AGAIN) {
     SET_SOCKERRNO(EWOULDBLOCK);
   }
-- 
2.26.3


From a1c1f175e44ef95c47b1e2e91424e193ee7a0d0b Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Tue, 23 Mar 2021 09:28:07 +0100
Subject: [PATCH 2/2] openldap: avoid NULL pointer dereferences

Follow-up to a59c33ceffb8f78
Reported-by: Patrick Monnerat
Fixes #6676
Closes #6780

Upstream-commit: e467ea3bd937f38e1d2e070a68ed451303ba1e73
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
---
 lib/openldap.c | 40 +++++++++++++++++++++++++---------------
 1 file changed, 25 insertions(+), 15 deletions(-)

diff --git a/lib/openldap.c b/lib/openldap.c
index d079822..066c0fd 100644
--- a/lib/openldap.c
+++ b/lib/openldap.c
@@ -369,6 +369,9 @@ static CURLcode ldap_disconnect(struct Curl_easy *data,
 
   if(li) {
     if(li->ld) {
+      Sockbuf *sb;
+      ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb);
+      ber_sockbuf_add_io(sb, &ldapsb_tls, LBER_SBIOD_LEVEL_TRANSPORT, NULL);
       ldap_unbind_ext(li->ld, NULL, NULL);
       li->ld = NULL;
     }
@@ -726,14 +729,18 @@ static ber_slen_t
 ldapsb_tls_read(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
 {
   struct Curl_easy *data = sbiod->sbiod_pvt;
-  struct connectdata *conn = data->conn;
-  struct ldapconninfo *li = conn->proto.ldapc;
-  ber_slen_t ret;
-  CURLcode err = CURLE_RECV_ERROR;
+  ber_slen_t ret = 0;
+  if(data) {
+    struct connectdata *conn = data->conn;
+    if(conn) {
+      struct ldapconninfo *li = conn->proto.ldapc;
+      CURLcode err = CURLE_RECV_ERROR;
 
-  ret = (li->recv)(data, FIRSTSOCKET, buf, len, &err);
-  if(ret < 0 && err == CURLE_AGAIN) {
-    SET_SOCKERRNO(EWOULDBLOCK);
+      ret = (li->recv)(data, FIRSTSOCKET, buf, len, &err);
+      if(ret < 0 && err == CURLE_AGAIN) {
+        SET_SOCKERRNO(EWOULDBLOCK);
+      }
+    }
   }
   return ret;
 }
@@ -742,14 +749,17 @@ static ber_slen_t
 ldapsb_tls_write(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
 {
   struct Curl_easy *data = sbiod->sbiod_pvt;
-  struct connectdata *conn = data->conn;
-  struct ldapconninfo *li = conn->proto.ldapc;
-  ber_slen_t ret;
-  CURLcode err = CURLE_SEND_ERROR;
-
-  ret = (li->send)(data, FIRSTSOCKET, buf, len, &err);
-  if(ret < 0 && err == CURLE_AGAIN) {
-    SET_SOCKERRNO(EWOULDBLOCK);
+  ber_slen_t ret = 0;
+  if(data) {
+    struct connectdata *conn = data->conn;
+    if(conn) {
+      struct ldapconninfo *li = conn->proto.ldapc;
+      CURLcode err = CURLE_SEND_ERROR;
+      ret = (li->send)(data, FIRSTSOCKET, buf, len, &err);
+      if(ret < 0 && err == CURLE_AGAIN) {
+        SET_SOCKERRNO(EWOULDBLOCK);
+      }
+    }
   }
   return ret;
 }
-- 
2.26.3
Resolves: #1941925 - fix SIGSEGV upon disconnect of a ldaps:// transfer 2021-03-24 10:04:10 +00:00			`From 17686d25019489f43f3d5641db8683932857845e Mon Sep 17 00:00:00 2001`
			`From: Daniel Stenberg <daniel@haxx.se>`
			`Date: Mon, 15 Feb 2021 09:41:22 +0100`
			`Subject: [PATCH 1/2] openldap: pass 'data' to the callbacks instead of 'conn'`

			`Upstream-commit: a59c33ceffb8f78b71fa084bbc99c94ecfe82ce6`
			`Signed-off-by: Kamil Dudka <kdudka@redhat.com>`
			`---`
			`lib/openldap.c \| 16 +++++++++-------`
			`1 file changed, 9 insertions(+), 7 deletions(-)`

			`diff --git a/lib/openldap.c b/lib/openldap.c`
			`index 4070bbf..d079822 100644`
			`--- a/lib/openldap.c`
			`+++ b/lib/openldap.c`
			`@@ -278,7 +278,7 @@ static CURLcode ldap_connecting(struct Curl_easy data, bool done)`
			`if(!li->sslinst) {`
			`Sockbuf *sb;`
			`ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb);`
			`- ber_sockbuf_add_io(sb, &ldapsb_tls, LBER_SBIOD_LEVEL_TRANSPORT, conn);`
			`+ ber_sockbuf_add_io(sb, &ldapsb_tls, LBER_SBIOD_LEVEL_TRANSPORT, data);`
			`li->sslinst = TRUE;`
			`li->recv = conn->recv[FIRSTSOCKET];`
			`li->send = conn->send[FIRSTSOCKET];`
			`@@ -716,8 +716,8 @@ ldapsb_tls_ctrl(Sockbuf_IO_Desc sbiod, int opt, void arg)`
			`{`
			`(void)arg;`
			`if(opt == LBER_SB_OPT_DATA_READY) {`
			`- struct connectdata *conn = sbiod->sbiod_pvt;`
			`- return Curl_ssl_data_pending(conn, FIRSTSOCKET);`
			`+ struct Curl_easy *data = sbiod->sbiod_pvt;`
			`+ return Curl_ssl_data_pending(data->conn, FIRSTSOCKET);`
			`}`
			`return 0;`
			`}`
			`@@ -725,12 +725,13 @@ ldapsb_tls_ctrl(Sockbuf_IO_Desc sbiod, int opt, void arg)`
			`static ber_slen_t`
			`ldapsb_tls_read(Sockbuf_IO_Desc sbiod, void buf, ber_len_t len)`
			`{`
			`- struct connectdata *conn = sbiod->sbiod_pvt;`
			`+ struct Curl_easy *data = sbiod->sbiod_pvt;`
			`+ struct connectdata *conn = data->conn;`
			`struct ldapconninfo *li = conn->proto.ldapc;`
			`ber_slen_t ret;`
			`CURLcode err = CURLE_RECV_ERROR;`

			`- ret = (li->recv)(conn->data, FIRSTSOCKET, buf, len, &err);`
			`+ ret = (li->recv)(data, FIRSTSOCKET, buf, len, &err);`
			`if(ret < 0 && err == CURLE_AGAIN) {`
			`SET_SOCKERRNO(EWOULDBLOCK);`
			`}`
			`@@ -740,12 +741,13 @@ ldapsb_tls_read(Sockbuf_IO_Desc sbiod, void buf, ber_len_t len)`
			`static ber_slen_t`
			`ldapsb_tls_write(Sockbuf_IO_Desc sbiod, void buf, ber_len_t len)`
			`{`
			`- struct connectdata *conn = sbiod->sbiod_pvt;`
			`+ struct Curl_easy *data = sbiod->sbiod_pvt;`
			`+ struct connectdata *conn = data->conn;`
			`struct ldapconninfo *li = conn->proto.ldapc;`
			`ber_slen_t ret;`
			`CURLcode err = CURLE_SEND_ERROR;`

			`- ret = (li->send)(conn->data, FIRSTSOCKET, buf, len, &err);`
			`+ ret = (li->send)(data, FIRSTSOCKET, buf, len, &err);`
			`if(ret < 0 && err == CURLE_AGAIN) {`
			`SET_SOCKERRNO(EWOULDBLOCK);`
			`}`
			`--`
			`2.26.3`


			`From a1c1f175e44ef95c47b1e2e91424e193ee7a0d0b Mon Sep 17 00:00:00 2001`
			`From: Daniel Stenberg <daniel@haxx.se>`
			`Date: Tue, 23 Mar 2021 09:28:07 +0100`
			`Subject: [PATCH 2/2] openldap: avoid NULL pointer dereferences`

			`Follow-up to a59c33ceffb8f78`
			`Reported-by: Patrick Monnerat`
			`Fixes #6676`
			`Closes #6780`

			`Upstream-commit: e467ea3bd937f38e1d2e070a68ed451303ba1e73`
			`Signed-off-by: Kamil Dudka <kdudka@redhat.com>`
			`---`
			`lib/openldap.c \| 40 +++++++++++++++++++++++++---------------`
			`1 file changed, 25 insertions(+), 15 deletions(-)`

			`diff --git a/lib/openldap.c b/lib/openldap.c`
			`index d079822..066c0fd 100644`
			`--- a/lib/openldap.c`
			`+++ b/lib/openldap.c`
			`@@ -369,6 +369,9 @@ static CURLcode ldap_disconnect(struct Curl_easy *data,`

			`if(li) {`
			`if(li->ld) {`
			`+ Sockbuf *sb;`
			`+ ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb);`
			`+ ber_sockbuf_add_io(sb, &ldapsb_tls, LBER_SBIOD_LEVEL_TRANSPORT, NULL);`
			`ldap_unbind_ext(li->ld, NULL, NULL);`
			`li->ld = NULL;`
			`}`
			`@@ -726,14 +729,18 @@ static ber_slen_t`
			`ldapsb_tls_read(Sockbuf_IO_Desc sbiod, void buf, ber_len_t len)`
			`{`
			`struct Curl_easy *data = sbiod->sbiod_pvt;`
			`- struct connectdata *conn = data->conn;`
			`- struct ldapconninfo *li = conn->proto.ldapc;`
			`- ber_slen_t ret;`
			`- CURLcode err = CURLE_RECV_ERROR;`
			`+ ber_slen_t ret = 0;`
			`+ if(data) {`
			`+ struct connectdata *conn = data->conn;`
			`+ if(conn) {`
			`+ struct ldapconninfo *li = conn->proto.ldapc;`
			`+ CURLcode err = CURLE_RECV_ERROR;`

			`- ret = (li->recv)(data, FIRSTSOCKET, buf, len, &err);`
			`- if(ret < 0 && err == CURLE_AGAIN) {`
			`- SET_SOCKERRNO(EWOULDBLOCK);`
			`+ ret = (li->recv)(data, FIRSTSOCKET, buf, len, &err);`
			`+ if(ret < 0 && err == CURLE_AGAIN) {`
			`+ SET_SOCKERRNO(EWOULDBLOCK);`
			`+ }`
			`+ }`
			`}`
			`return ret;`
			`}`
			`@@ -742,14 +749,17 @@ static ber_slen_t`
			`ldapsb_tls_write(Sockbuf_IO_Desc sbiod, void buf, ber_len_t len)`
			`{`
			`struct Curl_easy *data = sbiod->sbiod_pvt;`
			`- struct connectdata *conn = data->conn;`
			`- struct ldapconninfo *li = conn->proto.ldapc;`
			`- ber_slen_t ret;`
			`- CURLcode err = CURLE_SEND_ERROR;`
			`-`
			`- ret = (li->send)(data, FIRSTSOCKET, buf, len, &err);`
			`- if(ret < 0 && err == CURLE_AGAIN) {`
			`- SET_SOCKERRNO(EWOULDBLOCK);`
			`+ ber_slen_t ret = 0;`
			`+ if(data) {`
			`+ struct connectdata *conn = data->conn;`
			`+ if(conn) {`
			`+ struct ldapconninfo *li = conn->proto.ldapc;`
			`+ CURLcode err = CURLE_SEND_ERROR;`
			`+ ret = (li->send)(data, FIRSTSOCKET, buf, len, &err);`
			`+ if(ret < 0 && err == CURLE_AGAIN) {`
			`+ SET_SOCKERRNO(EWOULDBLOCK);`
			`+ }`
			`+ }`
			`}`
			`return ret;`
			`}`
			`--`
			`2.26.3`