Security fix for CVE-2024-8445

Description:
The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all
scenarios. In certain product versions, this issue may allow
an authenticated user to cause a server crash while modifying
`userPassword` using malformed input.

References:
- https://access.redhat.com/security/cve/CVE-2024-8445
- https://nvd.nist.gov/vuln/detail/cve-2024-8445
- https://bugzilla.redhat.com/show_bug.cgi?id=2310110
- https://nvd.nist.gov/vuln/detail/CVE-2024-2199
- https://access.redhat.com/security/cve/CVE-2024-2199
- https://bugzilla.redhat.com/show_bug.cgi?id=2267976

Origin: upstream, commit:1d3fddaac336f84e87ba399388f85734d79ebb95

Gbp-Pq: Name CVE-2024-8445.patch

diff --git a/ldap/servers/slapd/modify.c b/ldap/servers/slapd/modify.c
index 29f3791cc9f1b00dee6cb15fc3a98422aa283e34..a17608c5826b1bfdb9d8413ecc0127801bb05008 100644 (file)
--- a/ldap/servers/slapd/modify.c
+++ b/ldap/servers/slapd/modify.c
@@ -937,6 +937,7 @@ op_shared_modify(Slapi_PBlock *pb, int pw_change, char *old_pw)
                 send_ldap_result(pb, LDAP_UNWILLING_TO_PERFORM, NULL, "Unable to hash \"userPassword\" attribute, "
                     "check value is utf8 string.\n", 0, NULL);
                 valuearray_free(&va);
+                slapi_pblock_set(pb, SLAPI_MODIFY_MODS, (void *)slapi_mods_get_ldapmods_passout(&smods));
                 goto free_and_return;
             }