Univention Bugzilla – Attachment 8897 Details for
Bug 44732
openldap: Denial of service (4.1)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
ITS-8655-paged-results-double-free.patch
ITS-8655-paged-results-double-free.patch (text/plain), 1022 bytes, created by
Arvid Requate
on 2017-06-01 18:10 CEST
(
hide
)
Description:
ITS-8655-paged-results-double-free.patch
Filename:
MIME Type:
Creator:
Arvid Requate
Created:
2017-06-01 18:10 CEST
Size:
1022 bytes
patch
obsolete
>From 0cee1ffb6021b1aae3fcc9581699da1c85a6dd6e Mon Sep 17 00:00:00 2001 >From: Ryan Tandy <ryan@nardis.ca> >Date: Wed, 17 May 2017 20:07:39 -0700 >Subject: [PATCH] ITS#8655 fix double free on paged search with pagesize 0 > >Fixes a double free when a search includes the Paged Results control >with a page size of 0 and the search base matches the filter. >--- > servers/slapd/back-mdb/search.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > >diff --git a/servers/slapd/back-mdb/search.c b/servers/slapd/back-mdb/search.c >index 301d1a4..43442aa 100644 >--- a/servers/slapd/back-mdb/search.c >+++ b/servers/slapd/back-mdb/search.c >@@ -1066,7 +1066,8 @@ notfound: > /* check size limit */ > if ( get_pagedresults(op) > SLAP_CONTROL_IGNORED ) { > if ( rs->sr_nentries >= ((PagedResultsState *)op->o_pagedresults_state)->ps_size ) { >- mdb_entry_return( op, e ); >+ if (e != base) >+ mdb_entry_return( op, e ); > e = NULL; > send_paged_response( op, rs, &lastid, tentries ); > goto done; >-- >2.1.4 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
Actions:
View
|
Diff
Attachments on
bug 44732
: 8897