Blame SOURCES/cve-2021-3480-fix.patch
From 2f2b7ecd9d6a0f5044c24e4f96464942a1d873db Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy@redhat.com>
Date: Wed, 7 Apr 2021 14:40:52 +0300
Subject: [PATCH] CVE-2021-3480: invalid bind DN crash
For certain LDAP bind operations 389-ds would pass unvalidated bind DN
to bind plugins. A first attempt to normalize the DN would find that out
and should reject the request.
Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
---
src/back-sch.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/back-sch.c b/src/back-sch.c
index a5e4c04..d806627 100644
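--- a/src/back-sch.c
+++ b/src/back-sch.c
@@ -1988,6 +1988,11 @@ backend_locate_cb(const char *group, const char *set, bool_t flag,
 rdn = slapi_rdn_new_sdn(cbdata->target_dn);
 if (rdn != NULL) {
 rdnstr = slapi_rdn_get_nrdn(rdn);
+ if (rdnstr == NULL) {
+ /* normalizing RDN failed, break the search */
+ slapi_rdn_free(&rdn;;
+ return FALSE;
+ }
 if (map_match(cbdata->state, group, set, &flag,
 strlen(rdnstr), rdnstr,
 &ndnlen, &ndn,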
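Review bot: The new `rdnstr == NULL` branch rejects the request without leaving any trace, so an operator cannot tell that a client sent a bind DN whose RDN failed normalization, which is the input that previously reached `strlen(rdnstr)` as a NULL pointer. A log call before `return FALSE;`, for example `slapi_log_error(SLAPI_LOG_PLUGIN, "<plugin id placeholder>", "could not normalize RDN of target DN, rejecting\n");`, would make such requests visible for detection. The comment could also state what the caller observes, e.g. `/* RDN could not be normalized: treat the DN as not located and stop iterating */`, assuming FALSE stops the iteration as "break the search" suggests. backend_locate_cb starts and ends outside the hunk, so whether other uses of `cbdata->target_dn` need the same guard cannot be judged from here.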
--
2.31.1