From d7fddffe052d7791ba7e7fee36ce7096a7d2c49b Mon Sep 17 00:00:00 2001
From: Yann Ylavic
Date: Fri, 22 May 2015 08:45:24 +0000
Subject: [PATCH] Merge r1663647, r1679182 from trunk. r1663647 | jkaluza | 2015-03-03 12:12:18 +0100 (Tue, 03 Mar 2015) | 3 lines * mod_authn_dbd: apr_pstrdup dbd_password and dbd_hash to fix use-after-free bug with postgresql r1679182 | ylavic | 2015-05-13 13:35:22 +0200 (Wed, 13 May 2015) | 1 line Follup up to r1679181: CHANGES entry. Reviewed by: ylavic, rjung, wrowe Backported by: ylavic git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1681044 13f79535-47bb-0310-9956-ffa450edef68
---
 CHANGES | 3 +++
 STATUS | 8 --------
 modules/aaa/mod_authn_dbd.c | 6 ++++--
 3 files changed, 7 insertions(+), 10 deletions(-)
diff --git a/CHANGES b/CHANGES
index a84c48fecca..ead040a60bf 100644
--- a/CHANGES
+++ b/CHANGES
@@ -43,6 +43,9 @@ Changes with Apache 2.2.30 conf/extra/httpd-ssl.conf file are now global in scope, affecting all VirtualHosts (matching 2.4 default configuration). [William Rowe] + *) mod_authn_dbd: Fix lifetime of DB lookup entries independently of the + selected DB engine. PR 46421. [Jan Kaluza]. + *) Turn static function get_server_name_for_url() into public ap_get_server_name_for_url() and use it where appropriate. This fixes mod_rewrite generating invalid URLs for redirects to IPv6
diff --git a/STATUS b/STATUS
index eeca4eb78db..ad5864770e2 100644
--- a/STATUS
+++ b/STATUS
@@ -101,14 +101,6 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] - * mod_authn_dbd: Fix lifetime of DB lookup entries independently of the - selected DB engine. PR 46421. - trunk patch: http://svn.apache.org/r1663647 - http://svn.apache.org/r1679182 - 2.2.x patch: http://people.apache.org/~ylavic/httpd-2.2.x-apr_dbd_get_entry_lifetime.patch - (trunk works but the patch includes a CHANGES entry relative to 2.2.x only) - +1: ylavic, rjung, wrowe - * mpm_winnt service.c: Accept utf-8 service names/descriptions for i18n. trunk patches: http://svn.apache.org/r1611165 http://svn.apache.org/r1611169
diff --git a/modules/aaa/mod_authn_dbd.c b/modules/aaa/mod_authn_dbd.c
index 3341171e67d..1cc9c709e67 100644
--- a/modules/aaa/mod_authn_dbd.c
+++ b/modules/aaa/mod_authn_dbd.c
@@ -159,7 +159,8 @@ static authn_status authn_dbd_password(request_rec *r, const char *user,
 i++;
 }
 #endif
- dbd_password = apr_dbd_get_entry(dbd->driver, row, 0);
+ dbd_password = apr_pstrdup(r->pool,
+ apr_dbd_get_entry(dbd->driver, row, 0));
 }
 /* we can't break out here or row won't get cleaned up */
 }
@@ -249,7 +250,8 @@ static authn_status authn_dbd_realm(request_rec *r, const char *user,
 i++;
 }
 #endif
- dbd_hash = apr_dbd_get_entry(dbd->driver, row, 0);
+ dbd_hash = apr_pstrdup(r->pool,
+ apr_dbd_get_entry(dbd->driver, row, 0));
 }
 /* we can't break out here or row won't get cleaned up */
 }
-- 2.47.2
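Review bot: The added `apr_pstrdup(r->pool, ...)` call in the authn_dbd_password hunk has no comment saying why the copy is required, and the same applies to the `dbd_hash` assignment in the authn_dbd_realm hunk. Without one the duplicate reads as redundant and could be dropped in a later cleanup, which would bring back the use-after-free named in the commit message. I would add above each assignment `/* copy into r->pool: the driver-owned entry may not outlive the result set (PR 46421) */`. The existing comment about row cleanup suggests the value is read only after the row loop has finished, but that code, like the start and end of both functions, is outside the hunks.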