rpms/ipa/F-8 0001-slapi_pw_find_sv-expects-an-array-make-sure-we-ha.patch, NONE, 1.1 ipa.spec, 1.11, 1.12
Simo Sorce (simo)
fedora-extras-commits at redhat.com
Sun Jun 29 16:44:50 UTC 2008
Author: simo
Update of /cvs/pkgs/rpms/ipa/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31714
Modified Files:
ipa.spec
Added Files:
0001-slapi_pw_find_sv-expects-an-array-make-sure-we-ha.patch
Log Message:
* Sun Jun 29 2008 Simo Sorce <ssorce at redhat.com> - 1.1.0-3
- Add fix for bug #453185
0001-slapi_pw_find_sv-expects-an-array-make-sure-we-ha.patch:
--- NEW FILE 0001-slapi_pw_find_sv-expects-an-array-make-sure-we-ha.patch ---
>From 56a9569563b5dcc26a132d4ac91d940d34540a12 Mon Sep 17 00:00:00 2001
From: Simo Sorce <ssorce at redhat.com>
Date: Tue, 24 Jun 2008 08:40:58 -0400
Subject: [PATCH] slapi_pw_find_sv() expects an array, make sure we have a NULL terminated
one to avoid potential segfaults
Avoid leaking memory too.
---
.../ipa-pwd-extop/ipa_pwd_extop.c | 14 +++++++++-----
1 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c
index 21e50db..c25d0f1 100644
--- a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c
+++ b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c
@@ -1258,24 +1258,28 @@ static int ipapwd_CheckPolicy(struct ipapwd_data *data)
/* skip policy checks */
slapi_entry_free(policy);
goto no_policy;
- }
+ }
/* first of all check current password, if any */
old_pw = slapi_entry_attr_get_charptr(data->target, "userPassword");
if (old_pw) {
- Slapi_Value *cpw;
+ Slapi_Value *cpw[2] = {NULL, NULL};
Slapi_Value *pw;
- cpw = slapi_value_new_string(old_pw);
+ cpw[0] = slapi_value_new_string(old_pw);
pw = slapi_value_new_string(data->password);
- if (!cpw || !pw) {
+ if (!cpw[0] || !pw) {
slapi_log_error(SLAPI_LOG_PLUGIN, "ipa_pwd_extop",
"ipapwd_checkPassword: Out of Memory\n");
slapi_entry_free(policy);
+ slapi_value_free(&cpw[0]);
+ slapi_value_free(&pw);
return LDAP_OPERATIONS_ERROR;
}
- ret = slapi_pw_find_sv(&cpw, pw);
+ ret = slapi_pw_find_sv(cpw, pw);
+ slapi_value_free(&cpw[0]);
+ slapi_value_free(&pw);
if (ret == 0) {
slapi_log_error(SLAPI_LOG_TRACE, "ipa_pwd_extop",
--
1.5.5.1
Index: ipa.spec
===================================================================
RCS file: /cvs/pkgs/rpms/ipa/F-8/ipa.spec,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- ipa.spec 23 Jun 2008 21:35:11 -0000 1.11
+++ ipa.spec 29 Jun 2008 16:44:07 -0000 1.12
@@ -6,7 +6,7 @@
Name: ipa
Version: 1.1.0
-Release: 2%{?dist}
+Release: 3%{?dist}
Summary: The Identity, Policy and Audit system
Group: System Environment/Base
@@ -19,6 +19,7 @@
Patch2: freeipa-noinit.patch
Patch3: freeipa-memberofindex.patch
Patch4: freeipa-index.patch
+Patch5: 0001-slapi_pw_find_sv-expects-an-array-make-sure-we-ha.patch
BuildRequires: fedora-ds-base-devel >= 1.1
BuildRequires: mozldap-devel
@@ -187,6 +188,7 @@
%patch2 -p1 -b noinit
%patch3 -p1 -b memberofindex
%patch4 -p1 -b index
+%patch5 -p1 -b changepw
%build
cd ipa-server; ./autogen.sh --prefix=%{_usr} --sysconfdir=%{_sysconfdir} --localstatedir=%{_localstatedir} --libdir=%{_libdir} --mandir=%{_mandir} --with-openldap=yes; cd ..
@@ -435,6 +437,9 @@
%{_sbindir}/ipa-modradiusprofile
%changelog
+* Sun Jun 29 2008 Simo Sorce <ssorce at redhat.com> - 1.1.0-3
+- Add fix for bug #453185
+
* Mon Jun 23 2008 Simo Sorce <ssorce at redhat.com> - 1.1.0-2
- Rebuild against openldap libraries, mozldap ones do not work properly
More information about the fedora-extras-commits
mailing list