PR - Ticket 51014 - slapi_pal.c possible static buffer overflow

[389-ds-bot]

Cloned from Pagure Pull-Request: https://pagure.io/389-ds-base/pull-request/51015

• Created at 2020-04-07 08:32:40 by firstyear (@Firstyear)
• Merged at 2020-04-08 01:36:34

---

Bug Description: Due to an incorrect use of a buffer size,
static analysis in suse detected a possible overflow in
slapi pal. However, it requires root permissions to exploit
anything, and thus is not a security issues.

Fix Description: Change the buffer we read the cgroup into
to be maxpathlen size.

Resolves: #4067

Author: William Brown william@blackhats.net.au

Review by: ???

[389-ds-bot]

Comment from firstyear (@Firstyear) at 2020-04-07 08:33:03

I will backport this to 1.4.2 as well :)

[389-ds-bot]

Comment from tbordaz (@tbordaz) at 2020-04-07 09:58:59

ACK

[389-ds-bot]

Comment from firstyear (@Firstyear) at 2020-04-08 01:35:00

rebased onto a252a6f

[389-ds-bot]

Comment from firstyear (@Firstyear) at 2020-04-08 01:36:34

Pull-Request has been merged by Firstyear

[389-ds-bot]

Comment from firstyear (@Firstyear) at 2020-04-08 01:38:29

To ssh://pagure.io/389-ds-base.git
877f628..b213ed4 389-ds-base-1.4.2 -> 389-ds-base-1.4.2

[389-ds-bot]

Patch
51015.patch