projects / 389-ds-base.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 731b7b9)
CVE-2022-0918 - Craft message may crash the server (#5243) - Issue 5242
authortbordaz <tbordaz@redhat.com>
Wed, 30 Mar 2022 16:07:23 +0000 (18:07 +0200)
committerAndrej Shadura <andrewsh@debian.org>
Sun, 19 Jan 2025 12:30:31 +0000 (13:30 +0100)
Bug description:
A craft request can result in DoS

Fix description:
If the server fails to decode the ber value
then return an Error

relates: 5242

Reviewed by: Pierre Rogier, Mark Reynolds (thanks !)

Platforms tested:  F34

Origin: upstream, commit:caad47ab207d7c5d61521ec4d33091db559c315a

Gbp-Pq: Name CVE-2022-0918-Craft-message-may-crash-the-server.patch

ldap/servers/slapd/filter.c patch | blob | history

diff --git a/ldap/servers/slapd/filter.c b/ldap/servers/slapd/filter.c
index 40f11c2300376b69831f006bf19900be2645e224..dd3ce0340fdde3a580367d706dba32f1d3a1d57f 100644 (file)
--- a/ldap/servers/slapd/filter.c
+++ b/ldap/servers/slapd/filter.c
@@ -647,8 +647,14 @@ get_extensible_filter(BerElement *ber, mr_filter_t *mrf)
         }
     }
 
-    if ((tag != LBER_ERROR) && (len != -1)) {
-        goto parsing_error;
+    if (tag == LBER_ERROR) {
+        if (len == -1) {
+            /* means that the ber sequence ended without  LBER_END_OF_SEQORSET tag
+             * and it is considered as valid to ensure compatibility with open ldap.
+             */
+        } else {
+            goto parsing_error;
+        }
     }
 
     slapi_log_err(SLAPI_LOG_FILTER, "get_extensible_filter", "<= %i\n", rc);
Unnamed repository; edit this file 'description' to name the repository.