From fe354752c6dac5696bffa2fe92b1e777a3d3d5c4 Mon Sep 17 00:00:00 2001 From: zhouchenchen123 Date: Wed, 21 Dec 2022 17:09:30 +0800 Subject: [PATCH] backport some patch (cherry picked from commit 2ea9b4c7b74cf97360e5ca0e77f0c21bf77a60d4) --- PAM-P11-fixed-minor-mem-leak.patch | 44 +++++++++++++++++++ ...T-mem-cache-fixed-missing-error-code.patch | 29 ++++++++++++ sssd.spec | 7 ++- 3 files changed, 79 insertions(+), 1 deletion(-) create mode 100644 PAM-P11-fixed-minor-mem-leak.patch create mode 100644 SSS_CLIENT-mem-cache-fixed-missing-error-code.patch diff --git a/PAM-P11-fixed-minor-mem-leak.patch b/PAM-P11-fixed-minor-mem-leak.patch new file mode 100644 index 0000000..0a36c32 --- /dev/null +++ b/PAM-P11-fixed-minor-mem-leak.patch @@ -0,0 +1,44 @@ +From f1195229e016e2a3e1a7358ff87954d573b1dcac Mon Sep 17 00:00:00 2001 +From: Alexey Tikhonov +Date: Fri, 13 May 2022 16:21:46 +0200 +Subject: [PATCH] PAM P11: fixed minor mem-leak + +Reviewed-by: Justin Stephenson +Reviewed-by: Sumit Bose +--- + src/responder/pam/pamsrv_p11.c | 9 ++++++--- + 1 file changed, 6 insertions(+), 3 deletions(-) + +diff --git a/src/responder/pam/pamsrv_p11.c b/src/responder/pam/pamsrv_p11.c +index ae1063365..bd205eb93 100644 +--- a/src/responder/pam/pamsrv_p11.c ++++ b/src/responder/pam/pamsrv_p11.c +@@ -523,19 +523,22 @@ static errno_t parse_p11_child_response(TALLOC_CTX *mem_ctx, uint8_t *buf, + cert_auth_info = talloc_zero(tmp_ctx, struct cert_auth_info); + if (cert_auth_info == NULL) { + DEBUG(SSSDBG_OP_FAILURE, "talloc_zero failed.\n"); +- return ENOMEM; ++ ret = ENOMEM; ++ goto done; + } + + pn = memchr(p, '\n', buf_len - (p - buf)); + if (pn == NULL) { + DEBUG(SSSDBG_OP_FAILURE, + "Missing new-line in p11_child response.\n"); +- return EINVAL; ++ ret = EINVAL; ++ goto done; + } + if (pn == p) { + DEBUG(SSSDBG_OP_FAILURE, + "Missing counter in p11_child response.\n"); +- return EINVAL; ++ ret = EINVAL; ++ goto done; + } + + cert_auth_info->token_name = talloc_strndup(cert_auth_info, (char *)p, +-- +2.32.0.windows.1 + diff --git a/SSS_CLIENT-mem-cache-fixed-missing-error-code.patch b/SSS_CLIENT-mem-cache-fixed-missing-error-code.patch new file mode 100644 index 0000000..f0555d6 --- /dev/null +++ b/SSS_CLIENT-mem-cache-fixed-missing-error-code.patch @@ -0,0 +1,29 @@ +From ffec99930ec84b586f4532246d04be6207396e54 Mon Sep 17 00:00:00 2001 +From: Alexey Tikhonov +Date: Fri, 17 Jun 2022 15:54:24 +0200 +Subject: [PATCH] SSS_CLIENT: mem-cache: fixed missing error code +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Reviewed-by: Pavel Březina +Reviewed-by: Sumit Bose +--- + src/sss_client/nss_mc_common.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/sss_client/nss_mc_common.c b/src/sss_client/nss_mc_common.c +index b974d343a..c73a93a9a 100644 +--- a/src/sss_client/nss_mc_common.c ++++ b/src/sss_client/nss_mc_common.c +@@ -167,6 +167,7 @@ static errno_t sss_nss_mc_init_ctx(const char *name, + + ctx->fd = sss_open_cloexec(file, O_RDONLY, &ret); + if (ctx->fd == -1) { ++ ret = EIO; + goto done; + } + +-- +2.32.0.windows.1 + diff --git a/sssd.spec b/sssd.spec index de371bc..83e59d2 100644 --- a/sssd.spec +++ b/sssd.spec @@ -1,6 +1,6 @@ Name: sssd Version: 2.6.1 -Release: 6 +Release: 7 Summary: System Security Services Daemon License: GPLv3+ and LGPLv3+ URL: https://pagure.io/SSSD/sssd/ @@ -10,6 +10,8 @@ Patch6000: backport-UTILS-fixes-CWE-394.patch Patch6001: pam_sss_gss-KRB5CCNAME-may-be-NULL.patch Patch6002: SDAP-sdap_get_generic_send-fix-mem-leak.patch Patch6003: sssctl-free-one-malloc-allocated-variable.patch +Patch6004: PAM-P11-fixed-minor-mem-leak.patch +Patch6005: SSS_CLIENT-mem-cache-fixed-missing-error-code.patch Requires: python3-sssd = %{version}-%{release} Requires: libldb @@ -517,6 +519,9 @@ fi %systemd_postun_with_restart sssd.service %changelog +* Wed Dec 21 2022 zhouchenchen - 2.6.1-7 +- backport some patch + * Wed Dec 21 2022 zhouchenchen - 2.6.1-6 - backport some patch -- Gitee