From 30fa0e4c993d4a91a90327329b50f02e637fe049 Mon Sep 17 00:00:00 2001
From: William Brown
Date: Tue, 28 Nov 2017 15:31:25 +0100
Subject: [PATCH] Ticket 49470 - overflow in pblock_get
Bug Description: While getting the connection id we used an int not a uint64_t
Fix Description: Make the stack size uint64_t instead.
https://pagure.io/389-ds-base/issue/49470
Author: wibrown
Review by: tbordaz
---
 ldap/servers/slapd/modify.c | 5 +++--
 ldap/servers/slapd/pblock.c | 4 ++--
 ldap/servers/slapd/slap.h | 2 +-
 3 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/ldap/servers/slapd/modify.c b/ldap/servers/slapd/modify.c
index 6309975ae..0dcac646b 100644
--- a/ldap/servers/slapd/modify.c
+++ b/ldap/servers/slapd/modify.c
@@ -281,11 +281,12 @@ do_modify(Slapi_PBlock *pb)
 if (ignored_some_mods && (0 == smods.num_elements)) {
 if (pb_conn->c_isreplication_session) {
- int connid, opid;
+ uint64_t connid;
+ int32_t opid;
 slapi_pblock_get(pb, SLAPI_CONN_ID, &connid);
 slapi_pblock_get(pb, SLAPI_OPERATION_ID, &opid);
 slapi_log_err(SLAPI_LOG_ERR, "do_modify",
- "Rejecting replicated password policy operation(conn=%d op=%d) for "
+ "Rejecting replicated password policy operation(conn=%"PRIu64" op=%d) for "
 "entry %s. To allow these changes to be accepted, set passwordIsGlobalPolicy to 'on' in "
 "cn=config.\n",
 connid, opid, rawdn);
diff --git a/ldap/servers/slapd/pblock.c b/ldap/servers/slapd/pblock.c
index 8f87de5b5..4514c3ce6 100644
--- a/ldap/servers/slapd/pblock.c
+++ b/ldap/servers/slapd/pblock.c
@@ -412,7 +412,7 @@ slapi_pblock_get(Slapi_PBlock *pblock, int arg, void *value)
 "slapi_pblock_get", "Connection is NULL and hence cannot access SLAPI_CONN_ID \n");
 return (-1);
 }
- (*(PRUint64 *)value) = pblock->pb_conn->c_connid;
+ (*(uint64_t *)value) = pblock->pb_conn->c_connid;
 break;
 case SLAPI_CONN_DN:
 /*
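Review bot: In do_modify, `connid` and `opid` are still declared without initialisers and both `slapi_pblock_get()` return values are ignored, so a failed lookup would log indeterminate stack values. The SLAPI_CONN_ID case in pblock.c returns -1 without storing anything when the connection is NULL; that path looks unreachable here because `pb_conn` was just dereferenced, but `uint64_t connid = 0;` and `int32_t opid = 0;` cost nothing. With `opid` now `int32_t`, the matching conversion is `op=%" PRId32 "` rather than `op=%d`. The width that the SLAPI_OPERATION_ID case stores is not visible in this patch, so it is worth confirming that it is 32 bits. do_modify's body starts and ends outside the hunk.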
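Review bot: The SLAPI_CONN_ID case in slapi_pblock_get stores eight bytes through an untyped `void *value`, and nothing at the case label tells callers which type they must pass. The overflow this patch fixes in do_modify came from a caller passing the address of an `int`, and any other in-tree or plugin caller doing the same would still write past its variable. A comment on the case, `/* value must point to a uint64_t; a narrower object is overrun */`, would document the contract, and the same applies to the SLAPI_CONN_ID case of slapi_pblock_set in the next hunk, which reads eight bytes from the caller's object. Other callers of SLAPI_CONN_ID are not visible in this patch, so a search for remaining `int` or 32-bit destinations is worth doing before the ticket is closed. Both switch statements continue outside their hunks.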
@@ -2538,7 +2538,7 @@ slapi_pblock_set(Slapi_PBlock *pblock, int arg, void *value)
 "slapi_pblock_set", "Connection is NULL and hence cannot access SLAPI_CONN_ID \n");
 return (-1);
 }
- pblock->pb_conn->c_connid = *((PRUint64 *)value);
+ pblock->pb_conn->c_connid = *((uint64_t *)value);
 break;
 case SLAPI_CONN_DN:
 /*
diff --git a/ldap/servers/slapd/slap.h b/ldap/servers/slapd/slap.h
index 44632580a..830944f72 100644
--- a/ldap/servers/slapd/slap.h
+++ b/ldap/servers/slapd/slap.h
@@ -1604,7 +1604,7 @@ typedef struct conn
 int c_gettingber; /* in the middle of ber_get_next */
 BerElement *c_currentber; /* ber we're getting */
 time_t c_starttime; /* when the connection was opened */
- PRUint64 c_connid; /* id of this connection for stats*/
+ uint64_t c_connid; /* id of this connection for stats*/
 PRUint64 c_maxthreadscount; /* # of times a conn hit max threads */
 PRUint64 c_maxthreadsblocked; /* # of operations blocked by maxthreads */
 int c_opsinitiated; /* # ops initiated/next op id */
--
2.13.6