authortonnerre <tonnerre>2008-07-03 22:14:50 +0000
committertonnerre <tonnerre>2008-07-03 22:14:50 +0000
commit44c39250997b6f90e6a945bdcbc6b9d5b46c7482 (patch)
tree05c450d1244b45e6e53a4921dd63ed4709135842 /databases/openldap/patches
parented6d66cc46fa225554a796cf65871ad3747da84f (diff)
Add patch to fix a libBER Denial of Service in OpenLDAP. (CVE-2008-2952)
Diffstat (limited to 'databases/openldap/patches')
-rw-r--r--databases/openldap/patches/patch-aa23
1 files changed, 23 insertions, 0 deletions
diff --git a/databases/openldap/patches/patch-aa b/databases/openldap/patches/patch-aa
new file mode 100644
index 00000000000..fb76e2d2cc8
--- /dev/null
+++ b/databases/openldap/patches/patch-aa
@@ -0,0 +1,23 @@
+$NetBSD: patch-aa,v 1.10 2008/07/03 22:14:50 tonnerre Exp $
+
+--- libraries/liblber/io.c.orig 2008-02-12 00:26:41.000000000 +0100
++++ libraries/liblber/io.c
+@@ -584,13 +584,11 @@ ber_get_next(
+ return LBER_DEFAULT;
+ }
+ /* Not enough bytes? */
+- if (ber->ber_rwptr - (char *)p < llen) {
+-#if defined( EWOULDBLOCK )
+- sock_errset(EWOULDBLOCK);
+-#elif defined( EAGAIN )
+- sock_errset(EAGAIN);
+-#endif
+- return LBER_DEFAULT;
++ i = ber->ber_rwptr - (char *)p;
++ if (i < llen) {
++ sblen=ber_int_sb_read( sb, ber->ber_rwptr, i );
++ if (sblen<i) return LBER_DEFAULT;
++ ber->ber_rwptr += sblen;
+ }
+ for (i=0; i<llen; i++) {
+ tlen <<=8;
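Review bot: The refill inside `if (i < llen)` asks ber_int_sb_read() for `i` bytes, which is the count already buffered, and tests `sblen<i`, so neither the request nor the check is tied to the shortfall `llen - i`. When `i` is 0 or less than half of `llen`, the block can fall through with fewer than `llen` length octets present, and the `for (i=0; i<llen; i++)` loop then shifts bytes that were never received into `tlen`. I would request and verify the missing amount instead: `sblen = ber_int_sb_read( sb, ber->ber_rwptr, llen - i );` then `if (sblen < 0 || sblen < llen - i) return LBER_DEFAULT;`, assuming the buffer behind `ber_rwptr` has room for it, which the hunk does not show. The declarations of `i` and `sblen` are also outside the hunk; if `i` is unsigned, a negative return from the read passes the present `sblen<i` comparison and `ber->ber_rwptr += sblen` moves the pointer backwards, hence the explicit `< 0` test. ber_get_next starts and ends outside this hunk, so how a short read is retried by the caller should be checked against the full function.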