summaryrefslogtreecommitdiffstats
path: root/debian/patches/ITS-9425-add-more-checks-to-ldap_X509dn2bv.patch
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-06 01:23:54 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-06 01:23:54 +0000
commitfe2751bf1e0388ddfa3fdfa88ed70b2bc94e2173 (patch)
tree5f743c2fcc2c85b0363602a14ac3753bc5a19abc /debian/patches/ITS-9425-add-more-checks-to-ldap_X509dn2bv.patch
parentAdding upstream version 2.4.47+dfsg. (diff)
downloadopenldap-fe2751bf1e0388ddfa3fdfa88ed70b2bc94e2173.tar.xz
openldap-fe2751bf1e0388ddfa3fdfa88ed70b2bc94e2173.zip
Adding debian version 2.4.47+dfsg-3+deb10u7.debian/2.4.47+dfsg-3+deb10u7debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/patches/ITS-9425-add-more-checks-to-ldap_X509dn2bv.patch')
-rw-r--r--debian/patches/ITS-9425-add-more-checks-to-ldap_X509dn2bv.patch45
1 files changed, 45 insertions, 0 deletions
diff --git a/debian/patches/ITS-9425-add-more-checks-to-ldap_X509dn2bv.patch b/debian/patches/ITS-9425-add-more-checks-to-ldap_X509dn2bv.patch
new file mode 100644
index 0000000..618eb3d
--- /dev/null
+++ b/debian/patches/ITS-9425-add-more-checks-to-ldap_X509dn2bv.patch
@@ -0,0 +1,45 @@
+From 4bdfffd2889c0c5cdf58bebafbdc8fce4bb2bff0 Mon Sep 17 00:00:00 2001
+From: Howard Chu <hyc@openldap.org>
+Date: Mon, 14 Dec 2020 20:05:44 +0000
+Subject: [PATCH] ITS#9425 add more checks to ldap_X509dn2bv
+
+---
+ libraries/libldap/tls2.c | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/libraries/libldap/tls2.c b/libraries/libldap/tls2.c
+index e0c82fa9f8..193d20fdfa 100644
+--- a/libraries/libldap/tls2.c
++++ b/libraries/libldap/tls2.c
+@@ -1248,6 +1248,8 @@ ldap_X509dn2bv( void *x509_name, struct berval *bv, LDAPDN_rewrite_func *func,
+ for ( tag = ber_first_element( ber, &len, &rdn_end );
+ tag == LBER_SEQUENCE;
+ tag = ber_next_element( ber, &len, rdn_end )) {
++ if ( rdn_end > dn_end )
++ return LDAP_DECODING_ERROR;
+ tag = ber_skip_tag( ber, &len );
+ ber_skip_data( ber, len );
+ navas++;
+@@ -1257,7 +1259,7 @@ ldap_X509dn2bv( void *x509_name, struct berval *bv, LDAPDN_rewrite_func *func,
+ /* Rewind and prepare to extract */
+ ber_rewind( ber );
+ tag = ber_first_element( ber, &len, &dn_end );
+- if ( tag == LBER_DEFAULT )
++ if ( tag != LBER_SET )
+ return LDAP_DECODING_ERROR;
+
+ /* Allocate the DN/RDN/AVA stuff as a single block */
+@@ -1370,6 +1372,10 @@ allocd:
+ /* X.690 bitString value converted to RFC4517 Bit String */
+ rc = der_to_ldap_BitString( &Val, &newAVA->la_value );
+ goto allocd;
++ case LBER_DEFAULT:
++ /* decode error */
++ rc = LDAP_DECODING_ERROR;
++ goto nomem;
+ default:
+ /* Not a string type at all */
+ newAVA->la_flags = 0;
+--
+2.20.1
+