Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:GA
cyrus-sasl-saslauthd
0001-CVE-2022-24407-Escape-password-for-SQL-ins...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0001-CVE-2022-24407-Escape-password-for-SQL-insert-update.patch of Package cyrus-sasl-saslauthd
From 37f2e0f0658d78a1496dc277f402f8b577ce6aae Mon Sep 17 00:00:00 2001 From: Klaus Espenlaub <klaus@espenlaub.com> Date: Tue, 8 Feb 2022 20:34:40 +0000 Subject: [PATCH] CVE-2022-24407 Escape password for SQL insert/update commands. Signed-off-by: Klaus Espenlaub <klaus@espenlaub.com> --- plugins/sql.c | 26 +++++++++++++++++++++++--- 1 file changed, 23 insertions(+), 3 deletions(-) diff --git a/plugins/sql.c b/plugins/sql.c index 31b54a78..6ac81c2f 100644 --- a/plugins/sql.c.orig 2022-02-21 14:33:10.753089792 +0100 +++ b/plugins/sql.c 2022-02-21 14:34:10.137679334 +0100 @@ -1145,6 +1145,7 @@ char *statement = NULL; char *escap_userid = NULL; char *escap_realm = NULL; + char *escap_passwd = NULL; const char *cmd; sql_settings_t *settings; @@ -1216,6 +1217,11 @@ "Unable to begin transaction\n"); } for (cur = to_store; ret == SASL_OK && cur->name; cur++) { + /* Free the buffer, current content is from previous loop. */ + if (escap_passwd) { + sparams->utils->free(escap_passwd); + escap_passwd = NULL; + } if (cur->name[0] == '*') { continue; @@ -1237,19 +1243,32 @@ } sparams->utils->free(statement); + if (cur->values[0]) { + escap_passwd = (char *)sparams->utils->malloc(strlen(cur->values[0])*2+1); + if (!escap_passwd) { + ret = SASL_NOMEM; + break; + } + settings->sql_engine->sql_escape_str(escap_passwd, cur->values[0]); + } + /* create a statement that we will use */ statement = sql_create_statement(cmd, cur->name, escap_userid, escap_realm, - cur->values && cur->values[0] ? - cur->values[0] : SQL_NULL_VALUE, + escap_passwd ? + escap_passwd : SQL_NULL_VALUE, sparams->utils); + if (!statement) { + ret = SASL_NOMEM; + break; + } { char *log_statement = sql_create_statement(cmd, cur->name, escap_userid, escap_realm, - cur->values && cur->values[0] ? + escap_passwd ? "<omitted>" : SQL_NULL_VALUE, sparams->utils); sparams->utils->log(NULL, SASL_LOG_DEBUG, @@ -1282,6 +1301,7 @@ done: if (escap_userid) sparams->utils->free(escap_userid); if (escap_realm) sparams->utils->free(escap_realm); + if (escap_passwd) sparams->utils->free(escap_passwd); if (conn) settings->sql_engine->sql_close(conn); if (userid) sparams->utils->free(userid); if (realm) sparams->utils->free(realm);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor