511112 - Password history limited to 25 values

https://bugzilla.redhat.com/show_bug.cgi?id=511112

Fix Description: If an entry already having more than 25 password
history attributes is added and password modify is performed on
the entry, it overflows the fixed length values_replace array and
crashes the server.  This patch protects the overflow.
Noriko Hosoi 15 years ago
parent
commit
caaa2b7c5f
1 changed file with 3 additions and 3 deletions

ldap/servers/slapd/pw.c

@@ -1115,10 +1115,10 @@ int update_pw_history( Slapi_PBlock *pb, char *dn, char *old_pw ) {
 	}
 	strcpy ( history_str, str );
 	strcat ( history_str, old_pw );
-	if ( i == pwpolicy->pw_inhistory ) {
+	if ( i >= pwpolicy->pw_inhistory ) {
 		/* replace the oldest password in history */
-		values_replace [oldest] = history_str;
-		values_replace[i]=NULL;
+		values_replace[oldest] = history_str;
+		values_replace[pwpolicy->pw_inhistory] = NULL;
 	} else {
 		/* add old_pw at the end of password history */
 		values_replace[i] =  history_str;
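
Review bot: The write to `values_replace[oldest]` in the replace branch is still unbounded. The new `i >= pwpolicy->pw_inhistory` test only constrains `i`, and nothing in this hunk shows that `oldest` is below `pwpolicy->pw_inhistory` or below the array length. If the entry carries more history values than the limit and the oldest one sits at an index at or past `pw_inhistory`, the new string is stored after the terminator written by `values_replace[pwpolicy->pw_inhistory] = NULL` (so it is dropped from the replace list), or outside the fixed-length array the commit message describes. The loop that fills `values_replace` and advances `i` sits above this hunk, so please confirm it also stops at the array size; otherwise the overflow happens before this check is reached. Suggest bounding both `i` and `oldest` against the array length where they are computed, checking that `pw_inhistory` itself is a valid index for the terminator, and adding a comment that history values beyond `pw_inhistory` are discarded by the truncation.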