60d90b3993
- Resolves: RHEL-106285 Incorrect use of external IdP GitHub trademark - Resolves: RHEL-106026 Include fixes in python3-ipatests package - Resolves: RHEL-105512 kdb: prevent double crash in RBCD ACL free - Resolves: RHEL-101707 ipatests: use "sos report" instead of "sosreport" command - Resolves: RHEL-101544 ipa-client-encrypted-dns does not ensure bind-utils >= 9.18 for DoT-compatible nsupdate - Resolves: RHEL-100450 eDNS: multiple issues during encrypted DNS setup Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
36 lines
1.4 KiB
Diff
36 lines
1.4 KiB
Diff
From 45cce31e2596de2c9b6048674510572c248e2ec9 Mon Sep 17 00:00:00 2001
|
|
From: Alexander Bokovoy <abokovoy@redhat.com>
|
|
Date: Tue, 15 Jul 2025 10:52:01 +0300
|
|
Subject: [PATCH] kdb: prevent double crash in RBCD ACL free
|
|
|
|
acl_list was set to prev->tl_data_contents and its value is freed but
|
|
then is is freed again outside of the if(). Just reset acl_list pointer
|
|
as prev->tl_data_contents is removed unconditionally outside of the RBCD
|
|
ACL removal.
|
|
|
|
Related: https://pagure.io/freeipa/issue/9367
|
|
|
|
Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
|
|
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
|
|
---
|
|
daemons/ipa-kdb/ipa_kdb_principals.c | 3 ++-
|
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/daemons/ipa-kdb/ipa_kdb_principals.c b/daemons/ipa-kdb/ipa_kdb_principals.c
|
|
index 19998c2a38b5d8ae80aeedeb003f54241d2c2a9f..a7e77e940ab61b27407076a834f3804b0e69c122 100644
|
|
--- a/daemons/ipa-kdb/ipa_kdb_principals.c
|
|
+++ b/daemons/ipa-kdb/ipa_kdb_principals.c
|
|
@@ -2160,7 +2160,8 @@ void ipadb_free_principal(krb5_context kcontext, krb5_db_entry *entry)
|
|
for (i = 0; (acl_list != NULL) && (acl_list[i] != NULL); i++) {
|
|
free(acl_list[i]);
|
|
}
|
|
- free(acl_list);
|
|
+ /* prev->tl_data_contents will be removed below */
|
|
+ acl_list = NULL;
|
|
}
|
|
free(prev->tl_data_contents);
|
|
free(prev);
|
|
--
|
|
2.50.1
|
|
|