diff options
| -rw-r--r-- | krb5-master-strdupcheck.patch | 23 | ||||
| -rw-r--r-- | krb5.spec | 8 |
2 files changed, 30 insertions, 1 deletions
diff --git a/krb5-master-strdupcheck.patch b/krb5-master-strdupcheck.patch new file mode 100644 index 0000000..4c9d0c1 --- /dev/null +++ b/krb5-master-strdupcheck.patch @@ -0,0 +1,23 @@ +commit b6810da129512b6d0200580d78d22d38cc214e21 +Author: Lukas Slebodnik <lslebodn@redhat.com> +Date: Sat Jun 21 17:09:31 2014 +0200 + + Fix error check in krb5_ldap_parse_principal_name + + Test the correct variable for NULL to detect a strdup failure. + + [ghudson@mit.edu: clarified commit message] + +diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c +index 21695a9..44bf339 100644 +--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c ++++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c +@@ -412,7 +412,7 @@ krb5_ldap_parse_principal_name(char *i_princ_name, char **o_princ_name) + at_rlm_name = strrchr(i_princ_name, '@'); + if (!at_rlm_name) { + *o_princ_name = strdup(i_princ_name); +- if (!o_princ_name) ++ if (!*o_princ_name) + return ENOMEM; + } else { + k5_buf_init_dynamic(&buf); @@ -41,7 +41,7 @@ Summary: The Kerberos network authentication system Name: krb5 Version: 1.12.2 -Release: 2%{?dist} +Release: 3%{?dist} # Maybe we should explode from the now-available-to-everybody tarball instead? # http://web.mit.edu/kerberos/dist/krb5/1.12/krb5-1.12.2-signed.tar Source0: krb5-%{version}.tar.gz @@ -98,6 +98,7 @@ Patch139: krb5-master-rcache-acquirecred-source.patch Patch141: krb5-master-rcache-acquirecred-test.patch Patch142: krb5-master-move-otp-sockets.patch Patch145: krb5-master-mechd.patch +Patch146: krb5-master-strdupcheck.patch Patch201: 0001-In-ksu-merge-krb5_ccache_copy-and-_restricted.patch Patch202: 0002-In-ksu-don-t-stat-not-on-disk-ccache-residuals.patch Patch203: 0003-Use-an-intermediate-memory-cache-in-ksu.patch @@ -345,6 +346,7 @@ ln -s NOTICE LICENSE %patch141 -p1 -b .rcache-acquirecred-test %patch142 -p1 -b .move-otp-sockets %patch145 -p1 -b .master-mechd +%patch146 -p1 -b .master-strdupcheck # Take the execute bit off of documentation. chmod -x doc/krb5-protocol/*.txt doc/ccapi/*.html @@ -1021,6 +1023,10 @@ exit 0 %{_sbindir}/uuserver %changelog +* Wed Aug 20 2014 Nalin Dahyabhai <nalin@redhat.com> - 1.12.2-3 +- pull in upstream fix for an incorrect check on the value returned by a + strdup() call (#1132062) + * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.12.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild |