Merge r1921971 from trunk:

* modules/aaa/mod_authnz_ldap.c (create_authnz_ldap_dir_config): Fix allocation
  of sgAttributes, found by gcc -fanalyzer:

modules/aaa/mod_authnz_ldap.c: scope_hint: In function 'create_authnz_ldap_dir_config'
modules/aaa/mod_authnz_ldap.c:356:23: warning[-Wanalyzer-allocation-size]: allocated buffer size is not a multiple of the pointee's size

Reviewed by: jorton, jailletc36, covener

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1922944 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index d510c674236992f4e159c5a8d25aeae3c0bd9449..feb65d99ff13f22e006689072f45a4e1b4043217 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.4.63
 
+  *) mod_authnz_ldap: Fix possible memory corruption if the
+     AuthLDAPSubGroupAttribute directive is configured.  [Joe Orton]  
+
   *) mod_proxy_fcgi: Don't re-encode SCRIPT_FILENAME when set via SetHandler.
      PR 69203. [Yann Ylavic]
 

diff --git a/modules/aaa/mod_authnz_ldap.c b/modules/aaa/mod_authnz_ldap.c
index a7b4939752e7306bf4b023138b7feaa21abd7a70..95d090a5cec87a3599d8e18e5886fa63a7d72322 100644 (file)
--- a/modules/aaa/mod_authnz_ldap.c
+++ b/modules/aaa/mod_authnz_ldap.c
@@ -353,7 +353,7 @@ static void *create_authnz_ldap_dir_config(apr_pool_t *p, char *d)
     sec->group_attrib_is_dn = 1;
     sec->secure = -1;   /*Initialize to unset*/
     sec->maxNestingDepth = 10;
-    sec->sgAttributes = apr_pcalloc(p, sizeof (char *) * GROUPATTR_MAX_ELTS + 1);
+    sec->sgAttributes = apr_pcalloc(p, sizeof (char *) * (GROUPATTR_MAX_ELTS + 1));
 
     sec->user_is_dn = 0;
     sec->remote_user_attribute = NULL;