Bug 57282 - Regression: Buffer overflow in read_password_file()
Summary: Regression: Buffer overflow in read_password_file()
Status: NEW
Alias: None
Product: UCS
Classification: Unclassified
Component: UMC - Policies
Version: UCS 5.0
Hardware: Other Linux
: P5 normal
Target Milestone: ---
Assignee: UMC maintainers
QA Contact: UMC maintainers
URL: https://git.knut.univention.de/univen...
Keywords:
Depends on: 57169 57173
Blocks:
  Show dependency treegraph
 
Reported: 2024-05-14 10:27 CEST by Philipp Hahn
Modified: 2025-03-21 14:46 CET (History)
5 users (show)

See Also:
What kind of report is it?: Feature Request
What type of bug is this?: 5: Major Usability: Impairs usability in key scenarios
Who will be affected by this bug?: 2: Will only affect a few installed domains
How will those affected feel about the bug?: 4: A User would return the product
User Pain: 0.229
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): Regression, Security
Customer ID:
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Philipp Hahn univentionstaff 2024-05-14 10:27:28 CEST 
22481357c402a3d08022f67ab21d7e38fdb71612 introduced a buffer overflow.

https://git.knut.univention.de/univention/ucs/-/merge_requests/1134


PS: The commit message is bogus:
> feat(univention-policy): Respect directory/manager/starttls

1. It is a "fix": a commit of the type fix *patches a bug* in your codebase.
   Not a "feature": a commit of the type feat introduces a *new feature* to the codebase.
   Go read <https://www.conventionalcommits.org/en/v1.0.0/>
2. The change has *nothing* to do with StartTLS itself. Changing the code slightly changed the memory layout, which now exposes the underlying bug.

+++ This bug was initially created as a clone of Bug #57173 +++
+++ This bug was initially created as a clone of Bug #57169 +++