CVS commit: src/external/bsd/openldap/dist/servers/slapd
Module Name:src Committed By: christos Date: Thu Feb 9 02:20:33 UTC 2017 Modified Files: src/external/bsd/openldap/dist/servers/slapd: filter.c Log Message: resolve conflict To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 \ src/external/bsd/openldap/dist/servers/slapd/filter.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/openldap/dist/servers/slapd/filter.c diff -u src/external/bsd/openldap/dist/servers/slapd/filter.c:1.3 src/external/bsd/openldap/dist/servers/slapd/filter.c:1.4 --- src/external/bsd/openldap/dist/servers/slapd/filter.c:1.3 Wed Feb 8 20:53:51 2017 +++ src/external/bsd/openldap/dist/servers/slapd/filter.c Wed Feb 8 21:20:33 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: filter.c,v 1.3 2017/02/09 01:53:51 christos Exp $ */ +/* $NetBSD: filter.c,v 1.4 2017/02/09 02:20:33 christos Exp $ */ /* filter.c - routines for parsing and dealing with filters */ /* $OpenLDAP$ */ @@ -27,7 +27,7 @@ */ #include -__RCSID("$NetBSD: filter.c,v 1.3 2017/02/09 01:53:51 christos Exp $"); +__RCSID("$NetBSD: filter.c,v 1.4 2017/02/09 02:20:33 christos Exp $"); #include "portable.h" @@ -1163,17 +1163,10 @@ get_vrFilter( Operation *op, BerElement void vrFilter_free( Operation *op, ValuesReturnFilter *vrf ) { -<<< filter.c - ValuesReturnFilter *next; - - for ( p = vrf; vrf != NULL; vrf = next ) { - next = vrf->vrf_next; -=== ValuesReturnFilter *next; for ( ; vrf != NULL; vrf = next ) { next = vrf->vrf_next; ->>> 1.1.1.5 switch ( vrf->vrf_choice & SLAPD_FILTER_MASK ) { case LDAP_FILTER_PRESENT:
CVS commit: src/external/bsd/openldap/dist/servers/slapd
Module Name:src Committed By: christos Date: Sat Feb 7 17:57:00 UTC 2015 Modified Files: src/external/bsd/openldap/dist/servers/slapd: filter.c Log Message: Apply: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;\ h=2f1a2dd329b91afe561cd06b872d09630d4edb6a Certain search queries including the Matched Values control can trigger a double free in slapd 2.4.40 when freeing operation controls. This is a regression in 2.4.40, no earlier releases are affected. [CVE-1546] XXX: Pullup-7 To generate a diff of this commit: cvs rdiff -u -r1.1.1.4 -r1.2 \ src/external/bsd/openldap/dist/servers/slapd/filter.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/openldap/dist/servers/slapd/filter.c diff -u src/external/bsd/openldap/dist/servers/slapd/filter.c:1.1.1.4 src/external/bsd/openldap/dist/servers/slapd/filter.c:1.2 --- src/external/bsd/openldap/dist/servers/slapd/filter.c:1.1.1.4 Wed May 28 05:58:46 2014 +++ src/external/bsd/openldap/dist/servers/slapd/filter.c Sat Feb 7 12:56:59 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: filter.c,v 1.1.1.4 2014/05/28 09:58:46 tron Exp $ */ +/* $NetBSD: filter.c,v 1.2 2015/02/07 17:56:59 christos Exp $ */ /* filter.c - routines for parsing and dealing with filters */ /* $OpenLDAP$ */ @@ -1160,14 +1160,10 @@ get_vrFilter( Operation *op, BerElement void vrFilter_free( Operation *op, ValuesReturnFilter *vrf ) { - ValuesReturnFilter *p, *next; + ValuesReturnFilter *next; - if ( vrf == NULL ) { - return; - } - - for ( p = vrf; p != NULL; p = next ) { - next = p-vrf_next; + for ( p = vrf; vrf != NULL; vrf = next ) { + next = vrf-vrf_next; switch ( vrf-vrf_choice SLAPD_FILTER_MASK ) { case LDAP_FILTER_PRESENT:
CVS commit: src/external/bsd/openldap/dist/servers/slapd/overlays
Module Name:src Committed By: christos Date: Sat Feb 7 17:58:23 UTC 2015 Modified Files: src/external/bsd/openldap/dist/servers/slapd/overlays: deref.c Log Message: Apply: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;\ h=c32e74763f77675b9e144126e375977ed6dc562c The deref overlay in slapd 2.4.13 through 2.4.40 dereferences a NULL pointer when a search request includes the Deref control with an empty list of attributes to return (missing input validation). [CVE-2015-1545] XXX: Pullup-7 To generate a diff of this commit: cvs rdiff -u -r1.1.1.3 -r1.2 \ src/external/bsd/openldap/dist/servers/slapd/overlays/deref.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/openldap/dist/servers/slapd/overlays/deref.c diff -u src/external/bsd/openldap/dist/servers/slapd/overlays/deref.c:1.1.1.3 src/external/bsd/openldap/dist/servers/slapd/overlays/deref.c:1.2 --- src/external/bsd/openldap/dist/servers/slapd/overlays/deref.c:1.1.1.3 Wed May 28 05:58:52 2014 +++ src/external/bsd/openldap/dist/servers/slapd/overlays/deref.c Sat Feb 7 12:58:23 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: deref.c,v 1.1.1.3 2014/05/28 09:58:52 tron Exp $ */ +/* $NetBSD: deref.c,v 1.2 2015/02/07 17:58:23 christos Exp $ */ /* deref.c - dereference overlay */ /* $OpenLDAP$ */ @@ -185,7 +185,8 @@ deref_parseCtrl ( ber_len_t cnt = sizeof(struct berval); ber_len_t off = 0; - if ( ber_scanf( ber, {m{M}}, derefAttr, attributes, cnt, off ) == LBER_ERROR ) + if ( ber_scanf( ber, {m{M}}, derefAttr, attributes, cnt, off ) == LBER_ERROR + || !cnt ) { rs-sr_text = Dereference control: derefSpec decoding error; rs-sr_err = LDAP_PROTOCOL_ERROR;