Blame SOURCES/0001-Bug-2027783-CVE-2021-4091-389-ds-base-double-free-of.patch

4969b8
From d41352806f44c47a9e99f9eb1b0bdfef7b0aa4f4 Mon Sep 17 00:00:00 2001
4969b8
From: Mark Reynolds <mreynolds@redhat.com>
4969b8
Date: Tue, 25 Jan 2022 12:27:02 -0500
4969b8
Subject: [PATCH] Bug 2027783 - CVE-2021-4091 389-ds-base: double-free of the
4969b8
 virtual attribute context in persistent search
4969b8
4969b8
Description:  Fix double free.  The double free is related to
4969b8
persistent search req.  It was introduced with
4969b8
https://pagure.io/389-ds-base/issue/49097
4969b8
4969b8
Reviewed by: mreynolds, progier, jchapman
4969b8
---
4969b8
 ldap/servers/slapd/pblock.c | 2 ++
4969b8
 1 file changed, 2 insertions(+)
4969b8
4969b8
diff --git a/ldap/servers/slapd/pblock.c b/ldap/servers/slapd/pblock.c
4969b8
index 94e7c0ab7..56bbfc92e 100644
4969b8
--- a/ldap/servers/slapd/pblock.c
4969b8
+++ b/ldap/servers/slapd/pblock.c
4969b8
@@ -330,6 +330,8 @@ slapi_pblock_clone(Slapi_PBlock *pb)
4969b8
     if (pb->pb_intplugin != NULL) {
4969b8
         _pblock_assert_pb_intplugin(new_pb);
4969b8
         *(new_pb->pb_intplugin) = *(pb->pb_intplugin);
4969b8
+        /* Make sure that only the cloned pblock refers to vattr_context */
4969b8
+        pb->pb_intplugin->pb_vattr_context = NULL;
4969b8
     }
4969b8
     if (pb->pb_deprecated != NULL) {
4969b8
         _pblock_assert_pb_deprecated(new_pb);
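Review bot: The added assignment makes slapi_pblock_clone() write to its source pblock, so after the call `pb->pb_intplugin->pb_vattr_context` is NULL and the function is an ownership transfer for that field rather than a pure copy. The comment should say so explicitly, for example `/* Ownership of vattr_context moves to new_pb: the struct copy above left both pblocks pointing at it and each teardown would free it */`, and the function's header comment (outside this hunk) should note that the source is modified. Any caller that still reads the original's vattr context after cloning now gets NULL; whether all callers tolerate that cannot be confirmed from the visible lines. The struct assignment `*(new_pb->pb_intplugin) = *(pb->pb_intplugin)` also shallow-copies every other pointer member, so it is worth auditing whether any other field freed on pblock destruction is left aliased the same way, and likewise the pb_deprecated branch that follows, if it does the same kind of copy.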
4969b8
-- 
4969b8
2.31.1
4969b8