Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:42.3:Update
389-ds.2045
0011-Ticket-48986-47808-triggers-overflow-in-ui...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0011-Ticket-48986-47808-triggers-overflow-in-uiduniq.c.patch of Package 389-ds.2045
From 82ee5377a3f4535de189f0226083abb937cf46fa Mon Sep 17 00:00:00 2001 From: William Brown <william@blackhats.net.au> Date: Wed, 28 Sep 2016 10:46:21 +1000 Subject: [PATCH 11/14] Ticket 48986 - 47808 triggers overflow in uiduniq.c Bug Description: Certain configurations of uiduniq.c would cause an overflow when running with Address Sanitiser Fix Description: Increase the size of the allocation to tmp_config->attrs. https://fedorahosted.org/389/ticket/48986 Author: nhosoi Reviewed by: wibrown --- ldap/servers/plugins/uiduniq/uid.c | 4 ++-- ldap/servers/slapd/ch_malloc.c | 3 ++- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/ldap/servers/plugins/uiduniq/uid.c b/ldap/servers/plugins/uiduniq/uid.c index f84265437..7a55969a1 100644 --- a/ldap/servers/plugins/uiduniq/uid.c +++ b/ldap/servers/plugins/uiduniq/uid.c @@ -299,7 +299,7 @@ uniqueness_entry_to_config(Slapi_PBlock *pb, Slapi_Entry *config_entry) } /* Store attrName in the config */ - tmp_config->attrs = (const char **) slapi_ch_calloc(1, sizeof(char *)); + tmp_config->attrs = (const char **) slapi_ch_calloc(2, sizeof(char *)); tmp_config->attrs[0] = slapi_ch_strdup(attrName); argc--; argv++; /* First argument was attribute name and remaining are subtrees */ @@ -340,7 +340,7 @@ uniqueness_entry_to_config(Slapi_PBlock *pb, Slapi_Entry *config_entry) * - requiredObjectClass */ /* Store attrName in the config */ - tmp_config->attrs = (const char **) slapi_ch_calloc(1, sizeof(char *)); + tmp_config->attrs = (const char **) slapi_ch_calloc(2, sizeof(char *)); tmp_config->attrs[0] = slapi_ch_strdup(attrName); /* There is no subtrees */ diff --git a/ldap/servers/slapd/ch_malloc.c b/ldap/servers/slapd/ch_malloc.c index c8eefa229..5947e583e 100644 --- a/ldap/servers/slapd/ch_malloc.c +++ b/ldap/servers/slapd/ch_malloc.c @@ -397,6 +397,7 @@ int slapi_ct_memcmp( const void *p1, const void *p2, size_t n) { int result = 0; + size_t i; const unsigned char *_p1 = (const unsigned char *)p1; const unsigned char *_p2 = (const unsigned char *)p2; @@ -404,7 +405,7 @@ slapi_ct_memcmp( const void *p1, const void *p2, size_t n) return 2; } - for (size_t i = 0; i < n; i++) { + for (i = 0; i < n; i++) { if (_p1[i] ^ _p2[i]) { result = 1; } -- 2.15.1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor