CVE-2021-3480: invalid bind DN crash

Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
2021-05-18 09:59:08 +03:00 · 2021-05-18 09:59:08 +03:00 · 36c5fa7db8
parent a55b37f5ad
commit 36c5fa7db8
4 changed files with 12 additions and 55 deletions
--- a/.gitignore
+++ b/.gitignore
@ -81,3 +81,7 @@ slapi-nis-0.17.tar.gz
 /slapi-nis-0.56.4.tar.gz.sig
 /slapi-nis-0.56.5.tar.gz
 /slapi-nis-0.56.5.tar.gz.asc
+/slapi-nis-0.56.6.tar.gz
+/slapi-nis-0.56.6.tar.gz.asc
+/slapi-nis-0.56.7.tar.gz
+/slapi-nis-0.56.7.tar.gz.asc
--- a/slapi-nis-bz1832190.patch
+++ b/slapi-nis-bz1832190.patch
@ -1,49 +0,0 @@
-From e8c3ed416a442f5a431ca48f7ea384a6abc1fa53 Mon Sep 17 00:00:00 2001
-From: Alexander Bokovoy <abokovoy@redhat.com>
-Date: Wed, 6 May 2020 14:08:41 +0300
-Subject: [PATCH] Initialize map lock in NIS plugin as well
-
-Also if ignored_containers_sdn is NULL, we don't really need to check
-whether a write could be ignored. It has to be processed, so bail out
-early with FALSE.
-
-Resolves: rhbz#1832190
-
-Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
---
- src/back-shr.c | 4 ++++
- src/plug-nis.c | 3 +++
- 2 files changed, 7 insertions(+)
-
-diff --git a/src/back-shr.c b/src/back-shr.c
-index e2b5dd3..c6a181e 100644
--- a/src/back-shr.c
-+++ b/src/back-shr.c
-@@ -2960,6 +2960,10 @@ backend_shr_write_ignore(Slapi_PBlock *pb)
-     int i = 0;
-     PRBool ignore = PR_FALSE;
- 
-+    if (ignored_containers_sdn == NULL) {
-+        return ignore;
-+    }
-+
-     /* Check if the target DN is a subordinates of
-      * on of the ignored containers
-      */
-diff --git a/src/plug-nis.c b/src/plug-nis.c
-index ee90c37..0ce4ae6 100644
--- a/src/plug-nis.c
-+++ b/src/plug-nis.c
-@@ -540,6 +540,9 @@ nis_plugin_init(Slapi_PBlock *pb)
- 				"error setting up plugin\n");
- 		return -1;
- 	}
-+
-+	init_map_lock();
-+
- 	/* Read global configuration. */
- 	if ((slapi_pblock_get(pb, SLAPI_PLUGIN_CONFIG_ENTRY,
- 			      &plugin_entry) == 0) &&
-- 
-2.25.4
-
--- a/slapi-nis.spec
+++ b/slapi-nis.spec
@ -10,14 +10,13 @@
 %endif

 Name:		slapi-nis
-Version:	0.56.5
-Release:	2%{?dist}
+Version:	0.56.7
+Release:	1%{?dist}
 Summary:	NIS Server and Schema Compatibility plugins for Directory Server
 License:	GPLv2
 URL:		http://pagure.io/slapi-nis/
 Source0:	https://releases.pagure.org/slapi-nis/slapi-nis-%{version}.tar.gz
 Source1:	https://releases.pagure.org/slapi-nis/slapi-nis-%{version}.tar.gz.asc
-Patch1:		slapi-nis-bz1832190.patch
 BuildRequires:  autoconf
 BuildRequires:  automake
 BuildRequires:  libtool
@ -55,7 +54,6 @@ for attributes from multiple entries in the tree.

 %prep
 %setup -q
-%patch1 -p1

 %build
 autoconf --force
@ -83,6 +81,10 @@ make check
 %{_sbindir}/nisserver-plugin-defs

 %changelog
+* Tue May 18 2021 Alexander Bokovoy <abokovoy@redhat.com> - 0.56.7-1
+- CVE-2021-3480: invalid bind DN crash
+- New upstream release
+
 * Wed May 06 2020 Alexander Bokovoy <abokovoy@redhat.com> - 0.56.5-2
 - Initialize map locks in NIS plugin to prevent crash

--- a/4
+++ b/4
@ -1,2 +1,2 @@
-SHA512 (slapi-nis-0.56.5.tar.gz) = ed593603eaa1488dced2ca3a622b2230044ec605d0104f8d3085c3293d6bb3334528cdac2b1c70aa09cd84548d59a51082a3fc1ccfd0ac7f7ffcb8ccad40ab79
-SHA512 (slapi-nis-0.56.5.tar.gz.asc) = 335e0e64848c5b6721caf4fa3737f7068b47a9ade99d9aab413b6bbe2110f6c442c4794a48f2107fdbb2b47f5470d1876f4f23b10202428188a1464241229815
+SHA512 (slapi-nis-0.56.7.tar.gz) = f363bf6db965034ed6e4344a487fafef1d4264464fbec2bb70ff19906e8f9ac5b81bae301397d325ce271852c344538215b7cc8317121d4b626d1d9e8c1296cc
+SHA512 (slapi-nis-0.56.7.tar.gz.asc) = ec719893473b215e1a00b032579bd9063a39848bcbbe5fbee880831ff1e964d83a4a3cc8ed5d331079b04b0d01d098d9cdbb99fb45322e7c64dee2e13fa415c3