Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 102447 Details for
Bug 154349
net-nds/openldap - BIND Denial of Service Vulnerability (CVE-2006-5779)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
openldap-2.3.27-CVE-2006-5779.patch
openldap-2.3.27-CVE-2006-5779.patch (text/plain), 1.14 KB, created by
Eduardo Tongson
on 2006-11-21 00:02:29 UTC
(
hide
)
Description:
openldap-2.3.27-CVE-2006-5779.patch
Filename:
MIME Type:
Creator:
Eduardo Tongson
Created:
2006-11-21 00:02:29 UTC
Size:
1.14 KB
patch
obsolete
>RCS file: /repo/OpenLDAP/pkg/ldap/libraries/libldap/getdn.c,v >retrieving revision 1.133 >retrieving revision 1.134 >diff -u -r1.133 -r1.134 >--- libraries/libldap/getdn.c 2006/10/28 02:47:58 1.133 >+++ libraries/libldap/getdn.c 2006/11/08 22:57:02 1.134 >@@ -2016,7 +2016,7 @@ > strval2strlen( struct berval *val, unsigned flags, ber_len_t *len ) > { > ber_len_t l, cl = 1; >- char *p; >+ char *p, *end; > int escaped_byte_len = LDAP_DN_IS_PRETTY( flags ) ? 1 : 3; > #ifdef PRETTY_ESCAPE > int escaped_ascii_len = LDAP_DN_IS_PRETTY( flags ) ? 2 : 3; >@@ -2030,7 +2030,8 @@ > return( 0 ); > } > >- for ( l = 0, p = val->bv_val; p < val->bv_val + val->bv_len; p += cl ) { >+ end = val->bv_val + val->bv_len - 1; >+ for ( l = 0, p = val->bv_val; p <= end; p += cl ) { > > /* > * escape '%x00' >@@ -2059,7 +2060,7 @@ > } else if ( LDAP_DN_NEEDESCAPE( p[ 0 ] ) > || LDAP_DN_SHOULDESCAPE( p[ 0 ] ) > || ( p == val->bv_val && LDAP_DN_NEEDESCAPE_LEAD( p[ 0 ] ) ) >- || ( !p[ 1 ] && LDAP_DN_NEEDESCAPE_TRAIL( p[ 0 ] ) ) ) { >+ || ( p == end && LDAP_DN_NEEDESCAPE_TRAIL( p[ 0 ] ) ) ) { > #ifdef PRETTY_ESCAPE > #if 0 > if ( LDAP_DN_WILLESCAPE_HEX( flags, p[ 0 ] ) ) {
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 154349
: 102447