ds.git - Unnamed repository; edit this file to name it for gitweb.

diff options

author	Noriko Hosoi <nhosoi@redhat.com>	2008-11-24 20:26:32 +0000
committer	Noriko Hosoi <nhosoi@redhat.com>	2008-11-24 20:26:32 +0000
commit	e549330ed3d104f3c31f58951325d80ad1e6a4ba (patch)
tree	ce58f5c993fa408ab5a87ce4455ca6b85dc8aecf /ldap/admin/src/scripts/SetupLog.pm
parent	991d543bda1fc5d36646b49e3d982ff791cbf082 (diff)
download	ds-e549330ed3d104f3c31f58951325d80ad1e6a4ba.tar.gz ds-e549330ed3d104f3c31f58951325d80ad1e6a4ba.tar.xz ds-e549330ed3d104f3c31f58951325d80ad1e6a4ba.zip

Resolves: #472457

Summary: Specially crafted Server Side Sort crashes directory server or makes it unresponsive Description: The cause of the problem was a buffer overflow. The length of the 2 sort specs "-sn;2.16.840.1.113730.3.3.2.18.1.6 -givenName;2.16.840.1.113730.3. 3.2.18.1.6 " is just about the prepared buffer size, which is unfortunate since there is no space for the candidate size, e.g., "(1944)" being added later. By adding the "(1944)" to the static buffer, it caused buffer overflow and crashed your server. The code to check the length of the candidate size before calculating the buffer size is added.

Diffstat (limited to 'ldap/admin/src/scripts/SetupLog.pm')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: