commit 8693ab2485e05bc05e64f9d4c37533c00a5a7faf
Author: Jakub Bogusz <[email protected]>
Date: Sat Feb 19 07:29:57 2022 +0100
- more samba-4.15 fixes, release 59
openchange.spec | 2 +-
samba-4.15.patch | 85 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 86 insertions(+), 1 deletion(-)
---
diff --git a/openchange.spec b/openchange.spec
index 8c3b083..0d5882c 100644
--- a/openchange.spec
+++ b/openchange.spec
@@ -12,7 +12,7 @@ Summary: OpenChange - portable implementation of MS
Exchange Server and Exchange
Summary(pl.UTF-8): OpenChange - przenośna implementacja serwera oraz
protokołów MS Exchange
Name: openchange
Version: 2.3
-Release: 58
+Release: 59
License: GPL v3+
Group: Libraries
#Source0Download: https://github.com/openchange/openchange/releases
diff --git a/samba-4.15.patch b/samba-4.15.patch
index 219ff14..5f32581 100644
--- a/samba-4.15.patch
+++ b/samba-4.15.patch
@@ -39,3 +39,88 @@
}
return MAPI_E_SUCCESS;
+--- openchange-openchange-2.3-VULCAN/ndr_mapi.c.orig 2022-02-19
07:21:05.221687320 +0100
++++ openchange-openchange-2.3-VULCAN/ndr_mapi.c 2022-02-19
07:21:12.288315703 +0100
+@@ -1220,6 +1220,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_EcDo
+ uint32_t cntr_rgwClientVersion_0;
+ uint32_t cntr_rgwServerVersion_0;
+ uint32_t cntr_rgwBestVersion_0;
++ uint32_t arrsize, arrlen;
+ TALLOC_CTX *_mem_save_handle_0;
+ TALLOC_CTX *_mem_save_pcmsPollsMax_0;
+ TALLOC_CTX *_mem_save_pcRetry_0;
+@@ -1239,11 +1240,13 @@ _PUBLIC_ enum ndr_err_code ndr_pull_EcDo
+
+ NDR_CHECK(ndr_pull_array_size(ndr, &r->in.szUserDN));
+ NDR_CHECK(ndr_pull_array_length(ndr, &r->in.szUserDN));
+- if (ndr_get_array_length(ndr, &r->in.szUserDN) >
ndr_get_array_size(ndr, &r->in.szUserDN)) {
+- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad
array size %u should exceed array length %u", ndr_get_array_size(ndr,
&r->in.szUserDN), ndr_get_array_length(ndr, &r->in.szUserDN));
++ NDR_CHECK(ndr_get_array_length(ndr, &r->in.szUserDN, &arrlen));
++ NDR_CHECK(ndr_get_array_size(ndr, &r->in.szUserDN, &arrsize));
++ if (arrlen > arrsize) {
++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad
array size %u should exceed array length %u", arrsize, arrlen);
+ }
+- NDR_CHECK(ndr_check_string_terminator(ndr,
ndr_get_array_length(ndr, &r->in.szUserDN), sizeof(uint8_t)));
+- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.szUserDN,
ndr_get_array_length(ndr, &r->in.szUserDN), sizeof(uint8_t), CH_DOS));
++ NDR_CHECK(ndr_check_string_terminator(ndr, arrlen,
sizeof(uint8_t)));
++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.szUserDN,
arrlen, sizeof(uint8_t), CH_DOS));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.ulFlags));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.ulConMod));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.cbLimit));
+@@ -1366,11 +1369,13 @@ _PUBLIC_ enum ndr_err_code ndr_pull_EcDo
+ NDR_PULL_SET_MEM_CTX(ndr, *r->out.szDNPrefix, 0);
+ NDR_CHECK(ndr_pull_array_size(ndr, r->out.szDNPrefix));
+ NDR_CHECK(ndr_pull_array_length(ndr,
r->out.szDNPrefix));
+- if (ndr_get_array_length(ndr, r->out.szDNPrefix) >
ndr_get_array_size(ndr, r->out.szDNPrefix)) {
+- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE,
"Bad array size %u should exceed array length %u", ndr_get_array_size(ndr,
r->out.szDNPrefix), ndr_get_array_length(ndr, r->out.szDNPrefix));
++ NDR_CHECK(ndr_get_array_length(ndr, &r->out.szDNPrefix,
&arrlen));
++ NDR_CHECK(ndr_get_array_size(ndr, &r->out.szDNPrefix,
&arrsize));
++ if (arrlen > arrsize) {
++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE,
"Bad array size %u should exceed array length %u", arrsize, arrlen);
+ }
+- NDR_CHECK(ndr_check_string_terminator(ndr,
ndr_get_array_length(ndr, r->out.szDNPrefix), sizeof(uint8_t)));
+- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS,
r->out.szDNPrefix, ndr_get_array_length(ndr, r->out.szDNPrefix),
sizeof(uint8_t), CH_DOS));
++ NDR_CHECK(ndr_check_string_terminator(ndr, arrlen,
sizeof(uint8_t)));
++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS,
r->out.szDNPrefix, arrlen, sizeof(uint8_t), CH_DOS));
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_szDNPrefix_1, 0);
+ }
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_szDNPrefix_0,
LIBNDR_FLAG_REF_ALLOC);
+@@ -1391,11 +1396,13 @@ _PUBLIC_ enum ndr_err_code ndr_pull_EcDo
+ NDR_PULL_SET_MEM_CTX(ndr, *r->out.szDisplayName, 0);
+ NDR_CHECK(ndr_pull_array_size(ndr,
r->out.szDisplayName));
+ NDR_CHECK(ndr_pull_array_length(ndr,
r->out.szDisplayName));
+- if (ndr_get_array_length(ndr, r->out.szDisplayName) >
ndr_get_array_size(ndr, r->out.szDisplayName)) {
+- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE,
"Bad array size %u should exceed array length %u", ndr_get_array_size(ndr,
r->out.szDisplayName), ndr_get_array_length(ndr, r->out.szDisplayName));
++ NDR_CHECK(ndr_get_array_length(ndr,
&r->out.szDisplayName, &arrlen));
++ NDR_CHECK(ndr_get_array_size(ndr,
&r->out.szDisplayName, &arrsize));
++ if (arrlen > arrsize) {
++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE,
"Bad array size %u should exceed array length %u", arrsize, arrlen);
+ }
+- NDR_CHECK(ndr_check_string_terminator(ndr,
ndr_get_array_length(ndr, r->out.szDisplayName), sizeof(uint8_t)));
+- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS,
r->out.szDisplayName, ndr_get_array_length(ndr, r->out.szDisplayName),
sizeof(uint8_t), CH_DOS));
++ NDR_CHECK(ndr_check_string_terminator(ndr, arrlen,
sizeof(uint8_t)));
++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS,
r->out.szDisplayName, arrlen, sizeof(uint8_t), CH_DOS));
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_szDisplayName_1, 0);
+ }
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_szDisplayName_0,
LIBNDR_FLAG_REF_ALLOC);
+@@ -1415,14 +1422,16 @@ _PUBLIC_ enum ndr_err_code ndr_pull_EcDo
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_pulTimeStamp_0,
LIBNDR_FLAG_REF_ALLOC);
+ NDR_CHECK(ndr_pull_array_size(ndr, &r->out.rgbAuxOut));
+ NDR_CHECK(ndr_pull_array_length(ndr, &r->out.rgbAuxOut));
+- if (ndr_get_array_length(ndr, &r->out.rgbAuxOut) >
ndr_get_array_size(ndr, &r->out.rgbAuxOut)) {
+- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad
array size %u should exceed array length %u", ndr_get_array_size(ndr,
&r->out.rgbAuxOut), ndr_get_array_length(ndr, &r->out.rgbAuxOut));
++ NDR_CHECK(ndr_get_array_length(ndr, &r->out.rgbAuxOut,
&arrlen));
++ NDR_CHECK(ndr_get_array_size(ndr, &r->out.rgbAuxOut, &arrsize));
++ if (arrlen > arrsize) {
++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad
array size %u should exceed array length %u", arrsize, arrlen);
+ }
+ if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) {
+- NDR_PULL_ALLOC_N(ndr, r->out.rgbAuxOut,
ndr_get_array_size(ndr, &r->out.rgbAuxOut));
++ NDR_PULL_ALLOC_N(ndr, r->out.rgbAuxOut, arrsize);
+ }
+ /* Only try to pull rgbAuxOut if the fake array size is > 0 */
+- if (ndr_get_array_size(ndr, &r->out.rgbAuxOut)) {
++ if (arrsize) {
+ _mem_save_rgbAuxOut_1 = NDR_PULL_GET_MEM_CTX(ndr);
+ NDR_PULL_SET_MEM_CTX(ndr, r->out.rgbAuxOut, 0);
+ NDR_CHECK(ndr_pull_mapi2k7_AuxInfo(ndr, NDR_SCALARS,
r->out.rgbAuxOut));
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/openchange.git/commitdiff/8693ab2485e05bc05e64f9d4c37533c00a5a7faf
_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
