diff --git a/0001-LDAP-Check-validity-of-naming_context.patch b/0001-LDAP-Check-validity-of-naming_context.patch new file mode 100644 index 0000000..30564fd --- /dev/null +++ b/0001-LDAP-Check-validity-of-naming_context.patch @@ -0,0 +1,26 @@ +From 78fb6ec085ba14e513361e42ed9285888ac319e3 Mon Sep 17 00:00:00 2001 +From: Jakub Hrozek +Date: Mon, 15 Oct 2012 17:39:14 +0200 +Subject: [PATCH] LDAP: Check validity of naming_context + +https://fedorahosted.org/sssd/ticket/1581 + +If the namingContext attribute had no values or multiple values, then +our code would dereference a NULL pointer. + +diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c +index cdc8b1f18cb38b43a83d734bb5237d5379831b53..f5b1f95f0eaa8e6b5ea9d77c1d7226c05d366104 100644 +--- a/src/providers/ldap/sdap.c ++++ b/src/providers/ldap/sdap.c +@@ -746,7 +746,7 @@ static char *get_naming_context(TALLOC_CTX *mem_ctx, + * a zero-length namingContexts value in some situations. In this + * case, we should return it as NULL so things fail gracefully. + */ +- if (naming_context[0] == '\0') { ++ if (naming_context && naming_context[0] == '\0') { + talloc_zfree(naming_context); + } + +-- +1.7.12.1 + diff --git a/sssd.spec b/sssd.spec index 0a66ec0..647b764 100644 --- a/sssd.spec +++ b/sssd.spec @@ -16,7 +16,7 @@ Name: sssd Version: 1.9.2 -Release: 3%{?dist} +Release: 4%{?dist} Group: Applications/System Summary: System Security Services Daemon License: GPLv3+ @@ -25,6 +25,7 @@ Source0: https://fedorahosted.org/released/sssd/%{name}-%{version}.tar.gz BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) ### Patches ### +Patch0001: 0001-LDAP-Check-validity-of-naming_context.patch Patch0501: 0501-FEDORA-Switch-the-default-ccache-location.patch ### Dependencies ### @@ -525,6 +526,9 @@ fi %postun -n libsss_sudo -p /sbin/ldconfig %changelog +* Tue Oct 30 2012 Jakub Hrozek - 1.9.2-4 +- Check the validity of naming context + * Thu Oct 18 2012 Jakub Hrozek - 1.9.2-3 - Move the sss_cache tool to the main package