Bug 493989
| Summary: | Admin Server: valgrind invalid read in security.c when installing CRL | ||
|---|---|---|---|
| Product: | [Retired] 389 | Reporter: | Rich Megginson <rmeggins> |
| Component: | Admin | Assignee: | Rich Megginson <rmeggins> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Chandrasekar Kannan <ckannan> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | 1.2.0 | CC: | benl, jgalipea, nkinder |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | All | ||
| Whiteboard: | |||
| Fixed In Version: | 8.1 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2009-04-29 23:11:55 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 249650, 493682 | ||
| Attachments: | |||
Created attachment 338073 [details]
cvs commit log
Reviewed by: nkinder (Thanks!)
Fix Description: security.c uses strstr to search for the begin and end crl header and footer. This assumes the buffer is null terminated, but it is not. The fix is to null terminate the buffer.
Platforms tested: RHEL5
Flag Day: no
Doc impact: no
fedora-ds-admin-1.1.7-2.fc9 has been submitted as an update for Fedora 9. http://admin.fedoraproject.org/updates/fedora-ds-admin-1.1.7-2.fc9 fedora-ds-admin-1.1.7-2.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/fedora-ds-admin-1.1.7-2.fc10 attaching valgrind output from RHEL 5 DS 8.1 - importing CRL Do not find any security.c messages in output. Please review attached report for validation. Thanks. Created attachment 338329 [details]
valgrind output
It's actually not a problem with slapd, it's a problem with the security CGI program in /usr/lib[64]/dirsrv/cgi-bin/security okay. Can you please add steps to verify? Thanks Created attachment 338366 [details]
security shell script
cd /usr/lib/dirsrv/cgi-bin or /usr/lib64/dirsrv/cgi-bin
mv security security.orig
Then copy the attached shell script to security
chmod +x security
add the crl in the console
The valgrind and other files will be in /tmp/security
Created attachment 338376 [details]
When loading the CRL with the security shell script attached in place, loading the CRL almost halts the system and the console eventually times out with an http error. It did produce a number of log
Please let me know if this is enough or I need to try something else. Thanks I checked all of the valgrind files - all of them report No Errors. Verified. Thank you Rich! verified RHEL 4 DS 8.1 fedora-ds-admin-1.1.7-2.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report. fedora-ds-admin-1.1.7-2.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report. An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHEA-2009-0455.html |
Created attachment 338069 [details] patch valgrind reports an invalid read in security.c when parsing the CRL file.