packages/cyrus-sasl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!63 Fix _sasl_add_string

Browse Source 
From: @yixiangzhike 
Reviewed-by: @HuaxinLuGitee 
Signed-off-by: @HuaxinLuGitee
This commit is contained in:
openeuler-ci-bot 2025-04-14 09:13:21 +00:00 committed by Gitee
commit 159dd57967
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 37 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
backport-Fix-_sasl_add_string.patch Normal file
View File

@ -0,0 +1,32 @@
From 5ac1beeb574cd9d0a518d72330b19d2460688089 Mon Sep 17 00:00:00 2001
From: Guido Kiener <guido@kiener-muenchen.de>
Date: Mon, 25 Jan 2021 17:57:02 +0100
Subject: [PATCH] Fix _sasl_add_string
Issue #587 was not solved correct.
_sasl_add_string adds zero terminator to the output string.
This cuts log messages after the first '%s' of the format string.
With the fix the function _sasl_log now logs the complete message.
Signed-off-by: Guido Kiener <guido@kiener-muenchen.de>
---
lib/common.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/common.c b/lib/common.c
index d1b028fe..deb94eec 100644
--- a/lib/common.c
+++ b/lib/common.c
@@ -195,7 +195,7 @@ int _sasl_add_string(char **out, size_t *alloclen,
return SASL_NOMEM;
strncpy(*out + *outlen, add, addlen);
- *outlen += addlen;
+ *outlen += addlen-1;
return SASL_OK;
}
--
2.33.0

6
cyrus-sasl.spec
View File

@ -6,7 +6,7 @@
Name: cyrus-sasl
Version: 2.1.27
Release: 17
Release: 18
Summary: The Cyrus SASL API Implementation
License: BSD with advertising
@ -21,6 +21,7 @@ Patch2: backport-db_gdbm-fix-gdbm_errno-overlay-from-gdbm_close.patch
Patch3: backport-CVE-2022-24407-Escape-password-for-SQL-insert-update.patch
Patch4: backport-Use-int-instead-of-char-for-variable-c.patch
Patch5: backport-Fix-heap-corruption.patch
Patch6: backport-Fix-_sasl_add_string.patch
BuildRequires: autoconf, automake, libtool, gdbm-devel, groff
BuildRequires: krb5-devel >= 1.2.2, openssl-devel, pam-devel, pkgconfig
@ -328,6 +329,9 @@ getent passwd %{username} >/dev/null || useradd -r -g %{username} -d %{homedir}
%changelog
* Fri Apr 11 2025 yixiangzhike <yixiangzhike007@163.com> - 2.1.27-18
- backport upstream patch to fix _sasl_add_string
* Thu Dec 19 2024 yixiangzhike <yixiangzhike007@163.com> - 2.1.27-17
- backport upstream patch to fix heap corruption