diff --git a/backport-Fix-memory-leak-in-config-parsing.patch b/backport-Fix-memory-leak-in-config-parsing.patch new file mode 100644 index 0000000..730c4a2 --- /dev/null +++ b/backport-Fix-memory-leak-in-config-parsing.patch @@ -0,0 +1,29 @@ +From 9a353ac7f84a2b6485dd1bb1b272cb8405bd4e9e Mon Sep 17 00:00:00 2001 +From: Arthur de Jong +Date: Tue, 27 Aug 2024 21:39:21 +0200 +Subject: [PATCH] Fix memory leak in config parsing + +This fixes a one-time memory leak in reading the base configuration +option. +--- + nslcd/cfg.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/nslcd/cfg.c b/nslcd/cfg.c +index 86917d5..6e56161 100644 +--- a/nslcd/cfg.c ++++ b/nslcd/cfg.c +@@ -685,7 +685,10 @@ static void handle_base(const char *filename, int lnr, + #endif /* not HAVE_LDAP_DOMAIN2DN */ + } + if (strcasecmp(value, "\"\"") == 0) ++ { ++ free(value); + value = ""; ++ } + /* find the spot in the list of bases */ + for (i = 0; i < NSS_LDAP_CONFIG_MAX_BASES; i++) + if (bases[i] == NULL) +-- +2.33.0 + diff --git a/nss-pam-ldapd.spec b/nss-pam-ldapd.spec index 789a660..a541c14 100644 --- a/nss-pam-ldapd.spec +++ b/nss-pam-ldapd.spec @@ -2,7 +2,7 @@ Name: nss-pam-ldapd Version: 0.9.12 -Release: 3 +Release: 4 Summary: NSS and PAM libraries for name lookups and authentication using LDAP License: LGPLv2+ URL: http://arthurdejong.org/nss-pam-ldapd/ @@ -14,6 +14,7 @@ Source4: nslcd.service Patch0: 0001-Disable-pylint-tests.patch Patch1: 0002-Watch-for-uint32_t-overflows.patch Patch2: backport-Fix-off-by-one-error-in-closing-file-descriptors.patch +Patch3: backport-Fix-memory-leak-in-config-parsing.patch BuildRequires: gcc, openldap-devel, krb5-devel, autoconf, automake, pam-devel, systemd-units %{?systemd_requires} @@ -101,6 +102,12 @@ getent passwd nslcd > /dev/null || \ %{_mandir}/*/* %changelog +* Wed Oct 09 2024 yixiangzhike - 0.9.12-4 +- Type:bugfix +- CVE:NA +- SUG:NA +- DESC:fix memory leak in config parsing + * Wed May 08 2024 lifeifei - 0.9.12-3 - Type:requirement - CVE:NA