path: root/package/network/utils/curl/patches/112-CVE-2018-1000121.patch
Diffstat (limited to 'package/network/utils/curl/patches/112-CVE-2018-1000121.patch')
-rw-r--r--package/network/utils/curl/patches/112-CVE-2018-1000121.patch37
1 files changed, 37 insertions, 0 deletions
diff --git a/package/network/utils/curl/patches/112-CVE-2018-1000121.patch b/package/network/utils/curl/patches/112-CVE-2018-1000121.patch
new file mode 100644
index 0000000000..8fdb3377d3
--- /dev/null
+++ b/package/network/utils/curl/patches/112-CVE-2018-1000121.patch
@@ -0,0 +1,37 @@
+From 8f341a5d6f15381492ca2013325d485b6d8d1c13 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 6 Mar 2018 23:02:16 +0100
+Subject: [PATCH] openldap: check ldap_get_attribute_ber() results for NULL
+ before using
+
+CVE-2018-1000121
+Reported-by: Dario Weisser
+Bug: https://curl.haxx.se/docs/adv_2018-97a2.html
+---
+ lib/openldap.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+--- a/lib/openldap.c
++++ b/lib/openldap.c
+@@ -443,7 +443,7 @@ static ssize_t ldap_recv(struct connectd
+
+ for(ent = ldap_first_message(li->ld, msg); ent;
+ ent = ldap_next_message(li->ld, ent)) {
+- struct berval bv, *bvals, **bvp = &bvals;
++ struct berval bv, *bvals;
+ int binary = 0, msgtype;
+ CURLcode writeerr;
+
+@@ -505,9 +505,9 @@ static ssize_t ldap_recv(struct connectd
+ }
+ data->req.bytecount += bv.bv_len + 5;
+
+- for(rc = ldap_get_attribute_ber(li->ld, ent, ber, &bv, bvp);
+- rc == LDAP_SUCCESS;
+- rc = ldap_get_attribute_ber(li->ld, ent, ber, &bv, bvp)) {
++ for(rc = ldap_get_attribute_ber(li->ld, ent, ber, &bv, &bvals);
++ (rc == LDAP_SUCCESS) && bvals;
++ rc = ldap_get_attribute_ber(li->ld, ent, ber, &bv, &bvals)) {
+ int i;
+
+ if(bv.bv_val == NULL) break;
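Review bot: The new loop condition `(rc == LDAP_SUCCESS) && bvals` in the second lib/openldap.c hunk reads `bvals`, which the first hunk now declares without an initializer (`struct berval bv, *bvals;`). The NULL test is sound only if ldap_get_attribute_ber() stores to its last argument on every successful return, which is not visible on this page and should be confirmed against the OpenLDAP version being linked. Declaring `struct berval bv, *bvals = NULL;` and resetting `bvals = NULL;` wherever the loop body releases it would make the check independent of that. A one-line comment above the loop, such as `/* bvals may be NULL even when rc is LDAP_SUCCESS (CVE-2018-1000121) */`, would record why the extra test exists. ldap_recv's body starts and ends outside both hunks, so the code that releases `bvals` could not be checked.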