From 2352e8d4732550cfe394d9d3ffe6a6327e3bb203 Mon Sep 17 00:00:00 2001 From: yixiangzhike Date: Tue, 14 Oct 2025 14:50:13 +0800 Subject: [PATCH] fix saslpasswd2 coredump when enable srp-setpass (cherry picked from commit 1e98a85105ab2c7ad0b0b67e1f0af261a273a723) --- backport-Fix-SRP-setpass.patch | 28 ++++++++++++++++++++++++++++ cyrus-sasl.spec | 6 +++++- 2 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 backport-Fix-SRP-setpass.patch diff --git a/backport-Fix-SRP-setpass.patch b/backport-Fix-SRP-setpass.patch new file mode 100644 index 0000000..0cd87cb --- /dev/null +++ b/backport-Fix-SRP-setpass.patch @@ -0,0 +1,28 @@ +From 61e358da45d1740a722058d74aaecde76ae0abb0 Mon Sep 17 00:00:00 2001 +From: Howard Chu +Date: Sat, 23 Jul 2022 19:51:42 +0100 +Subject: [PATCH] Fix SRP setpass + +Wrong argument to MakeBuffer. Fixes #740. + +Signed-off-by: Howard Chu +--- + plugins/srp.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/plugins/srp.c b/plugins/srp.c +index 7cf36c27..67bee323 100644 +--- a/plugins/srp.c ++++ b/plugins/srp.c +@@ -2296,7 +2296,7 @@ static int srp_setpass(void *glob_context __attribute__((unused)), + + r = MakeBuffer(text->utils, &text->out_buf, &text->out_buf_len, + &bufferlen, "%s%m%o", +- server_mda->name, &v, saltlen, salt); ++ server_mda->name, v, saltlen, salt); + + if (r) { + sparams->utils->seterror(sparams->utils->conn, 0, +-- +2.43.0 + diff --git a/cyrus-sasl.spec b/cyrus-sasl.spec index 0c5cbf9..f9c7243 100644 --- a/cyrus-sasl.spec +++ b/cyrus-sasl.spec @@ -6,7 +6,7 @@ Name: cyrus-sasl Version: 2.1.28 -Release: 6 +Release: 7 Summary: The Cyrus SASL API Implementation License: BSD with advertising @@ -20,6 +20,7 @@ Patch2: backport-sample-Rename-dprint-function.patch Patch3: backport-Fix-time.h-check.patch Patch4: backport-Use-int-instead-of-char-for-variable-c.patch Patch5: backport-Fix-heap-corruption.patch +Patch6: backport-Fix-SRP-setpass.patch BuildRequires: autoconf, automake, libtool, gdbm-devel, groff BuildRequires: krb5-devel >= 1.2.2, openssl-devel, pam-devel, pkgconfig @@ -263,6 +264,9 @@ getent passwd %{username} >/dev/null || useradd -r -g %{username} -d %{homedir} %changelog +* Tue Oct 14 2025 yixiangzhike - 2.1.28-7 +- fix saslpasswd2 coredump when enable srp-setpass + * Fri Jun 20 2025 yixiangzhike - 2.1.28-6 - cyrus-sasl requires cyrus-sasl-lib with the same version -- Gitee