Tuesday, April 7, 2020

[389-commits] [389-ds-base] branch 389-ds-base-1.4.2 updated: Ticket 51014 - slapi_pal.c possible static buffer overflow

This is an automated email from the git hooks/post-receive script.

firstyear pushed a commit to branch 389-ds-base-1.4.2
in repository 389-ds-base.

The following commit(s) were added to refs/heads/389-ds-base-1.4.2 by this push:
new b213ed4 Ticket 51014 - slapi_pal.c possible static buffer overflow
b213ed4 is described below

commit b213ed417210f223c97369bdb479c6fbe4f49913
Author: William Brown <william@blackhats.net.au>
AuthorDate: Tue Apr 7 16:30:41 2020 +1000

Ticket 51014 - slapi_pal.c possible static buffer overflow

Bug Description: Due to an incorrect use of a buffer size,
static analysis in SUSE detected a possible overflow in
slapi pal. However, it requires root permissions to exploit
anything, and thus is not a security issue.

Fix Description: Change the buffer we read the cgroup into
to be maxpathlen size.

https://pagure.io/389-ds-base/issue/51014

Author: William Brown <william@blackhats.net.au>

Review by: ???
---
ldap/servers/slapd/slapi_pal.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ldap/servers/slapd/slapi_pal.c b/ldap/servers/slapd/slapi_pal.c
index 3ae7d12..fecc24d 100644
--- a/ldap/servers/slapd/slapi_pal.c
+++ b/ldap/servers/slapd/slapi_pal.c
@@ -126,7 +126,7 @@ _spal_dir_exist(char *path)
static char *
_spal_cgroupv2_path() {
FILE *f;
- char s[256] = {0};
+ char s[MAXPATHLEN + 1] = {0};
char *res = NULL;
/* We discover our path by looking at /proc/self/cgroup */
f = fopen("/proc/self/cgroup", "r");
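
Review bot: The resized declaration "char s[MAXPATHLEN + 1]" only brings the array up to a larger constant. The diffstat shows this is the one line changed, so whatever call later in _spal_cgroupv2_path() fills s from /proc/self/cgroup still carries its own length argument, independent of the array size. Consider making that read take its bound from sizeof(s), so the declaration and the read limit cannot drift apart again. A short comment next to the declaration saying why MAXPATHLEN + 1 is enough for one line of /proc/self/cgroup would also help the next reader.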

--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
_______________________________________________
389-commits mailing list -- 389-commits@lists.fedoraproject.org
To unsubscribe send an email to 389-commits-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-commits@lists.fedoraproject.org
