Fix CVE-2017-9287: https://www.openldap.org/its/?findid=8655 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9287 Patch copied from upstream source repository: https://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=0cee1ffb6021b1aae3fcc9581699da1c85a6dd6e From 0cee1ffb6021b1aae3fcc9581699da1c85a6dd6e Mon Sep 17 00:00:00 2001 From: Ryan Tandy Date: Wed, 17 May 2017 20:07:39 -0700 Subject: [PATCH] ITS#8655 fix double free on paged search with pagesize 0 Fixes a double free when a search includes the Paged Results control with a page size of 0 and the search base matches the filter. --- servers/slapd/back-mdb/search.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/servers/slapd/back-mdb/search.c b/servers/slapd/back-mdb/search.c index 301d1a498c..43442aa242 100644 --- a/servers/slapd/back-mdb/search.c +++ b/servers/slapd/back-mdb/search.c @@ -1066,7 +1066,8 @@ notfound: /* check size limit */ if ( get_pagedresults(op) > SLAP_CONTROL_IGNORED ) { if ( rs->sr_nentries >= ((PagedResultsState *)op->o_pagedresults_state)->ps_size ) { - mdb_entry_return( op, e ); + if (e != base) + mdb_entry_return( op, e ); e = NULL; send_paged_response( op, rs, &lastid, tentries ); goto done; -- 2.13.0 .scm?id=c904350a81f9ff47cc025bc9d0d48f1bd2ead30e'>commitdiff
path: root/gnu/home.scm
AgeCommit message (Expand)Author
2024-03-22system, home: Validate ‘services’ field value....This guides newcomers who might stick a single (service …) form in this field. * gnu/services.scm (validate-service-list): New macro. (%validate-service-list): New procedure. * gnu/system.scm (<operating-system>)[services]: Add ‘sanitize’. * gnu/home.scm (<home-environment>)[services]: Add ‘sanitize’. Change-Id: I9e29bd9a078e87b627ab766fd669ba9de79f8473 Ludovic Courtès
2023-03-20home: 'home-environment-with-provenance' uses the HE location info....* gnu/home.scm (home-environment-with-provenance): Make `config-file` optional, with the default taken from the HE location info. Signed-off-by: Andrew Tropin <andrew@trop.in> Sergey Trofimov
2023-03-13home: Export home-environment-packages....* gnu/home.scm (home-environment-packages): Export procedure. Signed-off-by: Andrew Tropin <andrew@trop.in> Sergey Trofimov