diff --git a/backport-Fix-off-by-one-error-in-closing-file-descriptors.patch b/backport-Fix-off-by-one-error-in-closing-file-descriptors.patch new file mode 100644 index 0000000000000000000000000000000000000000..c0e23549e65e4413ee7f8f190fc65737d9e08a30 --- /dev/null +++ b/backport-Fix-off-by-one-error-in-closing-file-descriptors.patch @@ -0,0 +1,27 @@ +From 1c9b021e78dc67b9cdca5f9ad10cbde08418ee28 Mon Sep 17 00:00:00 2001 +From: Arthur de Jong +Date: Mon, 10 Oct 2022 23:15:06 +0200 +Subject: [PATCH] Fix off-by one error in closing file descriptors + +This could leave file descriptor 3 open from the parent process starting +nslcd. +--- + nslcd/daemonize.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/nslcd/daemonize.c b/nslcd/daemonize.c +index d11d358..be3b386 100644 +--- a/nslcd/daemonize.c ++++ b/nslcd/daemonize.c +@@ -50,7 +50,7 @@ void daemonize_closefds(void) + hope we closed enough */ + if (i < 0) + i = 32; +- for (; i > 3; i--) ++ for (; i > 2; i--) + close(i); + } + +-- +2.27.0 + diff --git a/nss-pam-ldapd.spec b/nss-pam-ldapd.spec index 9386113e4f2ed5210181a95fc7e1b38457234bef..a376bad3218b4a4b732db937f5d33162cc07a16c 100644 --- a/nss-pam-ldapd.spec +++ b/nss-pam-ldapd.spec @@ -2,7 +2,7 @@ Name: nss-pam-ldapd Version: 0.9.11 -Release: 1 +Release: 2 Summary: NSS and PAM libraries for name lookups and authentication using LDAP License: LGPLv2+ URL: http://arthurdejong.org/nss-pam-ldapd/ @@ -13,6 +13,7 @@ Source4: nslcd.service Patch0: 0001-Disable-pylint-tests.patch Patch1: 0002-Watch-for-uint32_t-overflows.patch +Patch2: backport-Fix-off-by-one-error-in-closing-file-descriptors.patch BuildRequires: gcc, openldap-devel, krb5-devel, autoconf, automake, pam-devel, systemd-units %{?systemd_requires} @@ -100,6 +101,12 @@ getent passwd nslcd > /dev/null || \ %{_mandir}/*/* %changelog +* Wed Oct 19 2022 yixiangzhike - 0.9.11-2 +- Type:bugfix +- ID:NA +- SUG:restart +- DESC:fix off-by one error in closing file descriptors + * Mon Jul 27 2020 Liquor - 0.9.11-1 - Type:bugfix - ID:NA