|
|
058656 |
From 30fa0e4c993d4a91a90327329b50f02e637fe049 Mon Sep 17 00:00:00 2001
|
|
|
058656 |
From: William Brown <firstyear@redhat.com>
|
|
|
058656 |
Date: Tue, 28 Nov 2017 15:31:25 +0100
|
|
|
058656 |
Subject: [PATCH] Ticket 49470 - overflow in pblock_get
|
|
|
058656 |
|
|
|
058656 |
Bug Description: While getting the connection id we used an int
|
|
|
058656 |
not a uint64_t
|
|
|
058656 |
|
|
|
058656 |
Fix Description: Make the stack size uint64_t instead.
|
|
|
058656 |
|
|
|
058656 |
https://pagure.io/389-ds-base/issue/49470
|
|
|
058656 |
|
|
|
058656 |
Author: wibrown
|
|
|
058656 |
|
|
|
058656 |
Review by: tbordaz
|
|
|
058656 |
---
|
|
|
058656 |
ldap/servers/slapd/modify.c | 5 +++--
|
|
|
058656 |
ldap/servers/slapd/pblock.c | 4 ++--
|
|
|
058656 |
ldap/servers/slapd/slap.h | 2 +-
|
|
|
058656 |
3 files changed, 6 insertions(+), 5 deletions(-)
|
|
|
058656 |
|
|
|
058656 |
diff --git a/ldap/servers/slapd/modify.c b/ldap/servers/slapd/modify.c
|
|
|
058656 |
index 6309975ae..0dcac646b 100644
|
|
|
058656 |
--- a/ldap/servers/slapd/modify.c
|
|
|
058656 |
+++ b/ldap/servers/slapd/modify.c
|
|
|
058656 |
@@ -281,11 +281,12 @@ do_modify(Slapi_PBlock *pb)
|
|
|
058656 |
|
|
|
058656 |
if (ignored_some_mods && (0 == smods.num_elements)) {
|
|
|
058656 |
if (pb_conn->c_isreplication_session) {
|
|
|
058656 |
- int connid, opid;
|
|
|
058656 |
+ uint64_t connid;
|
|
|
058656 |
+ int32_t opid;
|
|
|
058656 |
slapi_pblock_get(pb, SLAPI_CONN_ID, &connid);
|
|
|
058656 |
slapi_pblock_get(pb, SLAPI_OPERATION_ID, &opid);
|
|
|
058656 |
slapi_log_err(SLAPI_LOG_ERR, "do_modify",
|
|
|
058656 |
- "Rejecting replicated password policy operation(conn=%d op=%d) for "
|
|
|
058656 |
+ "Rejecting replicated password policy operation(conn=%"PRIu64" op=%d) for "
|
|
|
058656 |
"entry %s. To allow these changes to be accepted, set passwordIsGlobalPolicy to 'on' in "
|
|
|
058656 |
"cn=config.\n",
|
|
|
058656 |
connid, opid, rawdn);
|
|
|
058656 |
diff --git a/ldap/servers/slapd/pblock.c b/ldap/servers/slapd/pblock.c
|
|
|
058656 |
index 8f87de5b5..4514c3ce6 100644
|
|
|
058656 |
--- a/ldap/servers/slapd/pblock.c
|
|
|
058656 |
+++ b/ldap/servers/slapd/pblock.c
|
|
|
058656 |
@@ -412,7 +412,7 @@ slapi_pblock_get(Slapi_PBlock *pblock, int arg, void *value)
|
|
|
058656 |
"slapi_pblock_get", "Connection is NULL and hence cannot access SLAPI_CONN_ID \n");
|
|
|
058656 |
return (-1);
|
|
|
058656 |
}
|
|
|
058656 |
- (*(PRUint64 *)value) = pblock->pb_conn->c_connid;
|
|
|
058656 |
+ (*(uint64_t *)value) = pblock->pb_conn->c_connid;
|
|
|
058656 |
break;
|
|
|
058656 |
case SLAPI_CONN_DN:
|
|
|
058656 |
/*
|
|
|
058656 |
@@ -2538,7 +2538,7 @@ slapi_pblock_set(Slapi_PBlock *pblock, int arg, void *value)
|
|
|
058656 |
"slapi_pblock_set", "Connection is NULL and hence cannot access SLAPI_CONN_ID \n");
|
|
|
058656 |
return (-1);
|
|
|
058656 |
}
|
|
|
058656 |
- pblock->pb_conn->c_connid = *((PRUint64 *)value);
|
|
|
058656 |
+ pblock->pb_conn->c_connid = *((uint64_t *)value);
|
|
|
058656 |
break;
|
|
|
058656 |
case SLAPI_CONN_DN:
|
|
|
058656 |
/*
|
|
|
058656 |
diff --git a/ldap/servers/slapd/slap.h b/ldap/servers/slapd/slap.h
|
|
|
058656 |
index 44632580a..830944f72 100644
|
|
|
058656 |
--- a/ldap/servers/slapd/slap.h
|
|
|
058656 |
+++ b/ldap/servers/slapd/slap.h
|
|
|
058656 |
@@ -1604,7 +1604,7 @@ typedef struct conn
|
|
|
058656 |
int c_gettingber; /* in the middle of ber_get_next */
|
|
|
058656 |
BerElement *c_currentber; /* ber we're getting */
|
|
|
058656 |
time_t c_starttime; /* when the connection was opened */
|
|
|
058656 |
- PRUint64 c_connid; /* id of this connection for stats*/
|
|
|
058656 |
+ uint64_t c_connid; /* id of this connection for stats*/
|
|
|
058656 |
PRUint64 c_maxthreadscount; /* # of times a conn hit max threads */
|
|
|
058656 |
PRUint64 c_maxthreadsblocked; /* # of operations blocked by maxthreads */
|
|
|
058656 |
int c_opsinitiated; /* # ops initiated/next op id */
|
|
|
058656 |
--
|
|
|
058656 |
2.13.6
|
|
|
058656 |
|