| Summary: | NULL dereferences in openldap-nss-non-blocking.patch | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Kamil Dudka <kdudka> |
| Component: | openldap | Assignee: | Jan Vcelak <jvcelak> |
| Status: | CLOSED ERRATA | QA Contact: | BaseOS QE Security Team <qe-baseos-security> |
| Severity: | low | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 6.1 | CC: | jplans, jvcelak, omoris, ovasik, tsmetana |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | openldap-2.4.23-13.el6 | Doc Type: | Bug Fix |
| Doc Text: |
- rebased OpenLDAP installed
- possible NULL pointer dereference in patch we introduced (openldap-nss-non-blocking.patch) could cause Segmentation Fault when working with TLS
- patch was updated
- openldap-nss-non-blocking.patch does not add NULL pointer dereference
| Story Points: | --- |
| Last Closed: | 2011-05-19 14:00:03 UTC | Type: | --- |
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-0673.html
Description of problem: --- a/openldap-2.4.23/libraries/libldap/tls_m.c +++ b/openldap-2.4.23/libraries/libldap/tls_m.c @@ -2284,7 +2284,7 @@ tlsm_is_non_ssl_message } if ( p->firsttag == LBER_SEQUENCE ) { - if ( *thebyte ) { + if ( thebyte ) { *thebyte = p->firsttag; } return 1; @@ -2781,7 +2781,7 @@ tlsm_PR_GetSocketOption struct tls_data *p; p = tlsm_get_pvt_tls_data( fd ); - if ( !data ) { + if ( !p || !data ) { return PR_FAILURE; } Version-Release number of selected component (if applicable): openldap-2.4.23-9.el6
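Review bot: In the first hunk (tlsm_is_non_ssl_message, @@ -2284), the context line `if ( p->firsttag == LBER_SEQUENCE )` still dereferences p, and nothing visible in the hunk shows p being checked for NULL. The second hunk treats a NULL return from tlsm_get_pvt_tls_data() as possible, so if p is obtained the same way in this function it needs the same guard before that line. Separately, replacing `*thebyte` with `thebyte` changes more than the crash: the old test skipped the store whenever the caller's byte was zero, while the new one writes p->firsttag whenever a buffer is supplied. That behaviour change should be stated in the patch description.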
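Review bot: In the second hunk (tlsm_PR_GetSocketOption, @@ -2781), the new `!p || !data` path returns PR_FAILURE without setting an NSPR error code, so a caller that reads PR_GetError() after the failure sees whatever an earlier call left behind. Consider calling PR_SetError( PR_INVALID_ARGUMENT_ERROR, 0 ) before the return. The two conditions are also different failures (no private TLS data on the descriptor versus a bad argument from the caller), so a separate error code or a debug trace for the `!p` case would make the segfault this patch prevents easier to diagnose when it recurs as a plain failure.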