From a44d0f55bc6fc7b4fd34dd9633386e86e9cc7d31 Mon Sep 17 00:00:00 2001
From: guoxiaoqi <guoxiaoqi2@huawei.com>
Date: Tue, 10 Mar 2020 10:10:09 +0800
Subject: [PATCH] fix cve-2019-19906

---
 cyrus-sasl.spec          |  8 ++++++--
 fix-CVE-2019-19906.patch | 26 ++++++++++++++++++++++++++
 2 files changed, 32 insertions(+), 2 deletions(-)
 create mode 100644 fix-CVE-2019-19906.patch

diff --git a/cyrus-sasl.spec b/cyrus-sasl.spec
index 8721b85..677d5e0 100644
--- a/cyrus-sasl.spec
+++ b/cyrus-sasl.spec
@@ -6,7 +6,7 @@
 
 Name: cyrus-sasl
 Version: 2.1.27
-Release: 8
+Release: 9
 Summary: The Cyrus SASL API Implementation
 
 License: BSD with advertising
@@ -14,7 +14,8 @@ URL: https://www.cyrusimap.org/sasl/
 Source0: https://github.com/cyrusimap/cyrus-sasl/releases/download/cyrus-sasl-2.1.27/cyrus-sasl-2.1.27.tar.gz
 Source1: saslauthd.service
 
-Patch6000: 0003-Prevent-double-free-of-RC4-context.patch
+Patch0: 0003-Prevent-double-free-of-RC4-context.patch
+Patch1: fix-CVE-2019-19906.patch
 
 BuildRequires: autoconf, automake, libtool, gdbm-devel, groff
 BuildRequires: krb5-devel >= 1.2.2, openssl-devel, pam-devel, pkgconfig
@@ -256,6 +257,9 @@ getent passwd %{username} >/dev/null || useradd -r -g %{username} -d %{homedir}
 
 
 %changelog
+* Tue Mar 10 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.1.27-9
+- fix CVE-2019-19906
+
 * Mon Feb 17 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.1.27-8
 - add cyrus-sasl-lib containing dynamic library for cyrus-sasl
 
diff --git a/fix-CVE-2019-19906.patch b/fix-CVE-2019-19906.patch
new file mode 100644
index 0000000..09f3a1d
--- /dev/null
+++ b/fix-CVE-2019-19906.patch
@@ -0,0 +1,26 @@
+From 58aa420b5a0f5e7e5e88f2228f318fb12da5bb13 Mon Sep 17 00:00:00 2001
+From: guoxiaoqi2 <guoxiaoqi2@huawei.com>
+Date: Tue, 21 Jan 2020 17:59:49 -0500
+Subject: [PATCH] fix CVE-2019-19906
+
+Signed-off-by: guoxiaoqi2 <guoxiaoqi2@huawei.com>
+---
+ lib/common.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/common.c b/lib/common.c
+index 305311d..445c5d5 100644
+--- a/lib/common.c
++++ b/lib/common.c
+@@ -190,7 +190,7 @@ int _sasl_add_string(char **out, size_t *alloclen,
+ 
+   if (add==NULL) add = "(null)";
+ 
+-  addlen=strlen(add); /* only compute once */
++  addlen=strlen(add)+1; /* only compute once */
+   if (_buf_alloc(out, alloclen, (*outlen)+addlen)!=SASL_OK)
+     return SASL_NOMEM;
+ 
+-- 
+1.8.3.1
+
-- 
Gitee