author | tonnerre <tonnerre> | 2008-07-03 22:14:50 +0000 |
---|---|---|
committer | tonnerre <tonnerre> | 2008-07-03 22:14:50 +0000 |
commit | 44c39250997b6f90e6a945bdcbc6b9d5b46c7482 (patch) | |
tree | 05c450d1244b45e6e53a4921dd63ed4709135842 /databases/openldap/patches | |
parent | ed6d66cc46fa225554a796cf65871ad3747da84f (diff) | |
download | pkgsrc-44c39250997b6f90e6a945bdcbc6b9d5b46c7482.tar.gz |
Add patch to fix a libBER Denial of Service in OpenLDAP. (CVE-2008-2952)
Diffstat (limited to 'databases/openldap/patches')
-rw-r--r-- | databases/openldap/patches/patch-aa | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/databases/openldap/patches/patch-aa b/databases/openldap/patches/patch-aa
new file mode 100644
index 00000000000..fb76e2d2cc8
--- /dev/null
+++ b/databases/openldap/patches/patch-aa
@@ -0,0 +1,23 @@
+$NetBSD: patch-aa,v 1.10 2008/07/03 22:14:50 tonnerre Exp $
+
+--- libraries/liblber/io.c.orig 2008-02-12 00:26:41.000000000 +0100
++++ libraries/liblber/io.c
+@@ -584,13 +584,11 @@ ber_get_next(
+ return LBER_DEFAULT;
+ }
+ /* Not enough bytes? */
+- if (ber->ber_rwptr - (char *)p < llen) {
+-#if defined( EWOULDBLOCK )
+- sock_errset(EWOULDBLOCK);
+-#elif defined( EAGAIN )
+- sock_errset(EAGAIN);
+-#endif
+- return LBER_DEFAULT;
++ i = ber->ber_rwptr - (char *)p;
++ if (i < llen) {
++ sblen=ber_int_sb_read( sb, ber->ber_rwptr, i );
++ if (sblen<i) return LBER_DEFAULT;
++ ber->ber_rwptr += sblen;
+ }
+ for (i=0; i<llen; i++) {
+ tlen <<=8; |
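Review bot: The added read in `ber_get_next` asks for `i` bytes, which is the count already buffered past `p`, rather than the `llen - i` bytes still missing, and nothing rechecks the buffered count before the `for` loop consumes `llen` length octets. With `i == 0` the call requests nothing, `sblen<i` is false, and the loop would then parse octets that were never received; for other values `2*i` can still fall short of `llen`. I would request the shortfall and test against it, `sblen=ber_int_sb_read( sb, ber->ber_rwptr, llen - i );` followed by `if (sblen < llen - i) return LBER_DEFAULT;`, after confirming from the declarations outside the hunk that the destination has room for `llen` octets and that `i`, `sblen` and `llen` compare with the same signedness. A partial read (`0 < sblen < i`) also returns without advancing `ber->ber_rwptr` and no longer sets `EWOULDBLOCK`/`EAGAIN` itself, so it is worth checking that callers on non-blocking sockets still see a retryable error and do not lose the bytes already read. The function body starts and ends outside the hunk, so this is based only on the lines shown.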