diff --git a/openldap-2.4.18-ldif-buf-overflow.patch b/openldap-2.4.18-ldif-buf-overflow.patch index b49afa9..b767f12 100644 --- a/openldap-2.4.18-ldif-buf-overflow.patch +++ b/openldap-2.4.18-ldif-buf-overflow.patch @@ -1,54 +1,17 @@ ---- openldap-2.4.18/servers/slapd/back-ldif/ldif.c.orig 2009-09-24 09:46:01.000000000 +0200 -+++ openldap-2.4.18/servers/slapd/back-ldif/ldif.c 2009-09-24 13:40:07.000000000 +0200 -@@ -593,9 +593,7 @@ typedef struct bvlist { +Avoid the struct hack, just malloc two data structures in one chunk: + +--- openldap-2.4.18/servers/slapd/back-ldif/ldif.c.orig 2009-08-18 23:58:27 ++++ openldap-2.4.18/servers/slapd/back-ldif/ldif.c 2009-09-24 16:08:14 +@@ -593,9 +593,9 @@ typedef struct bvlist { char *trunc; /* filename was truncated here */ int inum; /* num from "attr={num}" in filename, or INT_MIN */ char savech; /* original char at *trunc */ - char fname; /* variable length array BVL_NAME(bvl) = &fname */ -# define BVL_NAME(bvl) ((char *) (bvl) + offsetof(bvlist, fname)) -# define BVL_SIZE(namelen) (sizeof(bvlist) + (namelen)) -+ char *fname; /* variable length array */ ++ /* BVL_NAME(&bvlist) is the filename, allocated after the struct: */ ++# define BVL_NAME(bvl) ((char *) ((bvl) + 1)) ++# define BVL_SIZE(namelen) (sizeof(bvlist) + (namelen) + 1) } bvlist; static int -@@ -709,17 +707,18 @@ ldif_readdir( - if ( *fname_maxlenp < fname_len ) - *fname_maxlenp = fname_len; - -- bvl = SLAP_MALLOC( BVL_SIZE( fname_len ) ); -+ bvl = SLAP_MALLOC( sizeof( bvlist ) ); -+ bvl->fname = SLAP_MALLOC( fname_len+1 ); - if ( bvl == NULL ) { - rc = LDAP_OTHER; - save_errno = errno; - break; - } -- strcpy( BVL_NAME( bvl ), dir->d_name ); -+ strcpy( bvl->fname, dir->d_name ); - - /* Make it sortable by ("attr=val" or ) */ -- trunc = BVL_NAME( bvl ) + fname_len - STRLENOF( LDIF ); -- if ( (idxp = strchr( BVL_NAME( bvl ) + 2, IX_FSL )) != NULL && -+ trunc = bvl->fname + fname_len - STRLENOF( LDIF ); -+ if ( (idxp = strchr( bvl->fname + 2, IX_FSL )) != NULL && - (endp = strchr( ++idxp, IX_FSR )) != NULL && endp > idxp && - (eq_unsafe || idxp[-2] == '=' || endp + 1 == trunc) ) - { -@@ -737,7 +736,7 @@ ldif_readdir( - *trunc = '\0'; - - for ( prev = listp; (ptr = *prev) != NULL; prev = &ptr->next ) { -- int cmp = strcmp( BVL_NAME( bvl ), BVL_NAME( ptr )); -+ int cmp = strcmp( bvl->fname, ptr->fname ); - if ( cmp < 0 || (cmp == 0 && bvl->inum < ptr->inum) ) - break; - } -@@ -826,7 +825,7 @@ ldif_search_entry( - - if ( rc == LDAP_SUCCESS ) { - *ptr->trunc = ptr->savech; -- FILL_PATH( &fpath, dir_end, BVL_NAME( ptr )); -+ FILL_PATH( &fpath, dir_end, ptr->fname ); - - rc = ldif_read_entry( op, fpath.bv_val, &dn, &ndn, - &e, text ); diff --git a/openldap.spec b/openldap.spec index 866fe74..e645965 100644 --- a/openldap.spec +++ b/openldap.spec @@ -11,7 +11,7 @@ Summary: LDAP support libraries Name: openldap Version: %{version} -Release: 3%{?dist} +Release: 4%{?dist} License: OpenLDAP Group: System Environment/Daemons Source0: ftp://ftp.OpenLDAP.org/pub/OpenLDAP/openldap-release/openldap-%{version}.tgz @@ -388,6 +388,10 @@ for X in acl add auth cat dn index passwd test; do ln -s slapd $RPM_BUILD_ROOT/% chmod 755 $RPM_BUILD_ROOT/%{_libdir}/lib*.so* chmod 644 $RPM_BUILD_ROOT/%{_libdir}/lib*.*a +# Add files and dirs which would be created by %post scriptlet +touch $RPM_BUILD_ROOT/%{_sysconfdir}/openldap/slapd.conf.bak +mkdir $RPM_BUILD_ROOT/%{_sysconfdir}/openldap/slapd.d + # Remove files which we don't want packaged. rm -f $RPM_BUILD_ROOT/%{_libdir}/*.la rm -f $RPM_BUILD_ROOT/%{evolution_connector_libdir}/*.la @@ -596,7 +600,9 @@ fi %ghost %config(noreplace) %{_sysconfdir}/pki/tls/certs/slapd.pem %attr(0755,root,root) %{_sysconfdir}/rc.d/init.d/slapd %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/openldap/ldap*.conf -%attr(0640,root,ldap) %config(noreplace) %{_sysconfdir}/openldap/slapd.conf +%attr(0640,root,ldap) %config(noreplace,missingok) %{_sysconfdir}/openldap/slapd.conf +%attr(0640,root,ldap) %ghost %{_sysconfdir}/openldap/slapd.conf.bak +%attr(0640,ldap,ldap) %ghost %{_sysconfdir}/openldap/slapd.d %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/ldap %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/openldap/schema/*.schema* %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/openldap/schema/*.ldif @@ -639,6 +645,11 @@ fi %attr(0644,root,root) %{evolution_connector_libdir}/*.a %changelog +* Wed Sep 30 2009 Jan Zeleny 2.4.18-4 +- buffer overflow patch from upstream +- added /etc/openldap/slapd.d and /etc/openldap/slapd.conf.bak + to files owned by openldap-servers + * Thu Sep 24 2009 Jan Zeleny 2.4.18-3 - cleanup of previous patch fixing buffer overflow