[389-commits] ldap/servers

Noriko Hosoi nhosoi at fedoraproject.org
Wed May 26 00:50:11 UTC 2010


 ldap/servers/slapd/pw.c |    6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

New commits:
commit caaa2b7c5fdab6d3bf8c3155f32020eae8fc82ce
Author: Noriko Hosoi <nhosoi at redhat.com>
Date:   Tue May 25 17:47:47 2010 -0700

    511112 - Password history limited to 25 values
    
    https://bugzilla.redhat.com/show_bug.cgi?id=511112
    
    Fix Description: If an entry already having more than 25 password
    history attributes is added and password modify is performed on
    the entry, it overflows the fixed length values_replace array and
    crashes the server.  This patch protects the overflow.

diff --git a/ldap/servers/slapd/pw.c b/ldap/servers/slapd/pw.c
index 15add06..bf98877 100644
--- a/ldap/servers/slapd/pw.c
+++ b/ldap/servers/slapd/pw.c
@@ -1115,10 +1115,10 @@ int update_pw_history( Slapi_PBlock *pb, char *dn, char *old_pw ) {
 	}
 	strcpy ( history_str, str );
 	strcat ( history_str, old_pw );
-	if ( i == pwpolicy->pw_inhistory ) {
+	if ( i >= pwpolicy->pw_inhistory ) {
 		/* replace the oldest password in history */
-		values_replace [oldest] = history_str;
-		values_replace[i]=NULL;
+		values_replace[oldest] = history_str;
+		values_replace[pwpolicy->pw_inhistory] = NULL;
 	} else {
 		/* add old_pw at the end of password history */
 		values_replace[i] =  history_str;
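Review bot: in the `i >= pwpolicy->pw_inhistory` branch, the store to `values_replace[oldest]` is still unchecked, and nothing in this hunk shows that `oldest` is below `pwpolicy->pw_inhistory`. If the scan that sets `i` and `oldest` walks every existing history value, an entry with more values than the policy limit can leave `oldest` at or past that limit. The write would then land after the new NULL terminator at `values_replace[pwpolicy->pw_inhistory]`, so the new history entry is dropped, or it would land past the end of the fixed-length array the commit message describes. Consider bounding the scan loop by the array capacity, or checking `oldest < pwpolicy->pw_inhistory` before the store. It is also worth confirming that the array has at least `pw_inhistory + 1` slots for any configurable value of `pw_inhistory`, since the terminator index now comes from policy rather than from `i`. Separately, the `strcpy`/`strcat` into `history_str` in the context lines depend on a buffer size that is not visible here. A short comment stating how `history_str` is sized relative to `str` plus `old_pw` would make that easier to audit.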



