Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier (#836) · Issues · alpine / aports

Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier

Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier allows remote attackers to cause a denial of service (slapd crash) via a zero-length string that triggers a heap-based buffer overflow, as demonstrated using an empty postalAddressAttribute value.

Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4079
http://www.openldap.org/its/index.cgi/Software%20Bugs?id=7059;selectid=7059

Patch:
http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=507238713b71208ec4f262f312cb495a302df9e9

Affects Alpine Linux v2.1 (openldap-2.4.24-r0)

(from redmine: issue id 836, created on 2011-11-22, closed on 2012-01-05)

Relations:
- relates #835 (closed)
Changesets:
- Revision 4beef45c by Natanael Copa on 2011-11-22T07:18:45Z:

main/openldap: security fix (CVE-2011-4079)

fixes #836

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information