rpms/openldap
5
0
Fork 0
Code Issues Pull Requests Releases Activity

fix: segfault when LDIF input is not terminated by newline

Browse Source 
Resolves: #716858
This commit is contained in:
Jan Vcelak 2011-06-27 15:30:55 +02:00
parent 4098fcd663
commit 2aeb38e146
2 changed files with 35 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
openladp-segfault-ldif-nl-end.patch Normal file
View File

@ -0,0 +1,31 @@
commit 83814a220fb70db8344469dc3e2db5357b36fc5c
Author: Jan Vcelak <jvcelak@redhat.com>
Date: Mon Jun 20 17:31:57 2011 +0200
ITS#6947 Handle missing '\n' termination in LDIF input
diff --git a/libraries/libldap/ldif.c b/libraries/libldap/ldif.c
index 0ee7849..0bc35bb 100644
--- a/libraries/libldap/ldif.c
+++ b/libraries/libldap/ldif.c
@@ -842,11 +842,16 @@ ldif_read_record(
if ( fgets( line, sizeof( line ), lfp->fp ) == NULL ) {
stop = 1;
- /* Add \n in case the file does not end with newline */
- line[0] = '\n';
- line[1] = '\0';
+ len = 0;
+ } else {
+ len = strlen( line );
+ }
+
+ if ( len == 0 || line[len-1] != '\n' ) {
+ /* Add \n in case the line/file does not end with newline */
+ line[len] = '\n';
+ line[++len] = '\0';
}
- len = strlen( line );
if ( last_ch == '\n' ) {
(*lno)++;

4
openldap.spec
View File

@ -31,6 +31,7 @@ Patch8: openldap-nss-nofork.patch
Patch9: openldap-nss-cacertdir-soft-error.patch Patch9: openldap-nss-cacertdir-soft-error.patch
Patch10: openldap-ldapexop-double-free.patch Patch10: openldap-ldapexop-double-free.patch
Patch11: openldap-segfault-ldif-indent.patch Patch11: openldap-segfault-ldif-indent.patch
Patch12: openladp-segfault-ldif-nl-end.patch
# patches for the evolution library (see README.evolution) # patches for the evolution library (see README.evolution)
Patch200: openldap-evolution-ntlm.patch Patch200: openldap-evolution-ntlm.patch
@ -134,6 +135,7 @@ pushd openldap-%{version}
%patch9 -p1 -b .nss-cacertdir-soft-error %patch9 -p1 -b .nss-cacertdir-soft-error
%patch10 -p1 -b .ldapexop-double-free %patch10 -p1 -b .ldapexop-double-free
%patch11 -p1 -b .segfault-ldif-indent %patch11 -p1 -b .segfault-ldif-indent
%patch12 -p1 -b .segfault-ldif-nl-end
cp %{_datadir}/libtool/config/config.{sub,guess} build/ cp %{_datadir}/libtool/config/config.{sub,guess} build/
@ -667,6 +669,8 @@ exit 0
- fix: segmentation fault caused by double-free in ldapexop (#699683) - fix: segmentation fault caused by double-free in ldapexop (#699683)
- fix: segmentation fault of client tool when input line in LDIF file - fix: segmentation fault of client tool when input line in LDIF file
is splitted but indented incorrectly (#716855) is splitted but indented incorrectly (#716855)
- fix: segmentation fault of client tool when LDIF input file is not terminated
by a new line character (#716858)
* Fri Mar 18 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.24-2 * Fri Mar 18 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.24-2
- new: system resource limiting for slapd using ulimit - new: system resource limiting for slapd using ulimit