summaryrefslogtreecommitdiff
path: root/databases/openldap/patches/patch-libraries_librewrite_session.c
diff options
context:
space:
mode:
Diffstat (limited to 'databases/openldap/patches/patch-libraries_librewrite_session.c')
-rw-r--r--databases/openldap/patches/patch-libraries_librewrite_session.c24
1 files changed, 24 insertions, 0 deletions
diff --git a/databases/openldap/patches/patch-libraries_librewrite_session.c b/databases/openldap/patches/patch-libraries_librewrite_session.c
new file mode 100644
index 00000000000..905861bc43d
--- /dev/null
+++ b/databases/openldap/patches/patch-libraries_librewrite_session.c
@@ -0,0 +1,24 @@
+$NetBSD: patch-libraries_librewrite_session.c,v 1.1 2014/05/09 08:12:00 tron Exp $
+
+Fix for CVE-2013-4449 taken from the OpenLDA GIT repository:
+
+http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=59688044386dfeee0c837a15133f4e878f1bb661
+
+--- libraries/librewrite/session.c.orig 2014-01-25 13:36:15.000000000 +0000
++++ libraries/librewrite/session.c 2014-05-09 09:03:51.000000000 +0100
+@@ -161,6 +161,7 @@
+ #ifdef USE_REWRITE_LDAP_PVT_THREADS
+ if ( session ) {
+ ldap_pvt_thread_mutex_lock( &session->ls_mutex );
++ session->ls_count++;
+ }
+ ldap_pvt_thread_rdwr_runlock( &info->li_cookies_mutex );
+ #endif /* USE_REWRITE_LDAP_PVT_THREADS */
+@@ -178,6 +179,7 @@
+ )
+ {
+ assert( session != NULL );
++ session->ls_count--;
+ ldap_pvt_thread_mutex_unlock( &session->ls_mutex );
+ }
+
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-03 10:00:04 +0000