andykimpe / rpms / 389-ds-base

Forked from rpms/389-ds-base 5 months ago
Clone

Blame SOURCES/0016-Issue-50829-Disk-monitoring-rotated-log-cleanup-caus.patch

8394b4
From aa65a78d49eb7c5ab1e35cd1ab2aa9c2bc6a209b Mon Sep 17 00:00:00 2001
8394b4
From: Mark Reynolds <mreynolds@redhat.com>
8394b4
Date: Fri, 17 Jan 2020 15:42:00 -0500
8394b4
Subject: [PATCH] Issue 50829 - Disk monitoring rotated log cleanup causes
8394b4
 heap-use-after-free
8394b4
8394b4
Description:  When Disk Monitoring finds that disk space is too low it starts
8394b4
              freeing up disk space by removing rotated logs.  However the log
8394b4
              list struct was not properly reset after freeing all the files
8394b4
              in the list.  This is what allowed the heap-use-after-free to
8394b4
              occur.
8394b4
8394b4
relates: https://pagure.io/389-ds-base/issue/50829
8394b4
8394b4
Reviewed by: firstyear(Thanks!)
8394b4
---
8394b4
 ldap/servers/slapd/log.c | 6 ++++++
8394b4
 1 file changed, 6 insertions(+)
8394b4
8394b4
diff --git a/ldap/servers/slapd/log.c b/ldap/servers/slapd/log.c
8394b4
index bfcf57475..b16e56b21 100644
8394b4
--- a/ldap/servers/slapd/log.c
8394b4
+++ b/ldap/servers/slapd/log.c
8394b4
@@ -3243,6 +3243,12 @@ log__delete_rotated_logs()
8394b4
         logp = logp->l_next;
8394b4
         slapi_ch_free((void **)&prev_log);
8394b4
     }
8394b4
+
8394b4
+    /* reset the log struct */
8394b4
+    loginfo.log_access_logchain = NULL;
8394b4
+    loginfo.log_audit_logchain = NULL;
8394b4
+    loginfo.log_auditfail_logchain = NULL;
8394b4
+    loginfo.log_error_logchain = NULL;
8394b4
 }
8394b4
 
8394b4
 #define ERRORSLOG 1
8394b4
-- 
8394b4
2.21.1
8394b4