6 files changed, 1 insertions, 231 deletions
diff --git a/meta-oe/recipes-support/openldap/openldap/0001-ldif-filter-fix-parallel-build-failure.patch b/meta-oe/recipes-support/openldap/openldap/0001-ldif-filter-fix-parallel-build-failure.patch
deleted file mode 100644
index b42bd9764f..0000000000
--- a/meta-oe/recipes-support/openldap/openldap/0001-ldif-filter-fix-parallel-build-failure.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From 9e4ccd1e78ceac8de1ab66ee62ee216f1fbd4956 Mon Sep 17 00:00:00 2001
-From: Yi Zhao <yi.zhao@windriver.com>
-Date: Thu, 2 Dec 2021 11:38:15 +0800
-Subject: [PATCH] ldif-filter: fix parallel build failure
-Add slapd-common.o as dependency for ldif-filter to fix the parallel
-build failure:
-  ld: cannot find slapd-common.o: No such file or directory
-Upstream-Status: Pending
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
- tests/progs/Makefile.in | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/tests/progs/Makefile.in b/tests/progs/Makefile.in
-index 13f1e8be2..e4f4ccf98 100644
--- a/tests/progs/Makefile.in
-+++ b/tests/progs/Makefile.in
-@@ -56,7 +56,7 @@ slapd-modify: slapd-modify.o $(OBJS) $(XLIBS)
- slapd-bind: slapd-bind.o $(OBJS) $(XLIBS)
-        $(LTLINK) -o $@ slapd-bind.o $(OBJS) $(LIBS)
- 
-ldif-filter: ldif-filter.o $(XLIBS)
-+ldif-filter: ldif-filter.o $(OBJS) $(XLIBS)
-        $(LTLINK) -o $@ ldif-filter.o $(OBJS) $(LIBS)
- 
- slapd-mtread: slapd-mtread.o $(OBJS) $(XLIBS)
-- 
-2.25.1
diff --git a/meta-oe/recipes-support/openldap/openldap/0001-libraries-Makefile.in-ignore-the-mkdir-errors.patch b/meta-oe/recipes-support/openldap/openldap/0001-libraries-Makefile.in-ignore-the-mkdir-errors.patch
deleted file mode 100644
index 552726bb0a..0000000000
--- a/meta-oe/recipes-support/openldap/openldap/0001-libraries-Makefile.in-ignore-the-mkdir-errors.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From 690f69791eb6cd0d7e94b4d73219ee864de27f62 Mon Sep 17 00:00:00 2001
-From: Yi Zhao <yi.zhao@windriver.com>
-Date: Mon, 10 Jan 2022 10:13:51 +0800
-Subject: [PATCH] libraries/Makefile.in: ignore the mkdir errors
-Ignore the mkdir errors to fix the parallel build failure:
-../../build/shtool mkdir -p TOPDIR/tmp-glibc/work/cortexa15t2hf-neon-wrs-linux-gnueabi/openldap/2.5.9-r0/image/usr/lib
-mkdir: cannot create directory 'TOPDIR/tmp-glibc/work/cortexa15t2hf-neon-wrs-linux-gnueabi/openldap/2.5.9-r0/image/usr/lib': File exists
-Upstream-Status: Pending
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
- libraries/Makefile.in | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/libraries/Makefile.in b/libraries/Makefile.in
-index d9cb2ff..c6b251f 100644
--- a/libraries/Makefile.in
-+++ b/libraries/Makefile.in
-@@ -24,7 +24,7 @@ PKGCONFIG_DIR=$(DESTDIR)$(libdir)/pkgconfig
- PKGCONFIG_SRCDIRS=liblber libldap
- 
- install-local:
-       @$(MKDIR) $(PKGCONFIG_DIR)
-+       @-$(MKDIR) $(PKGCONFIG_DIR)
-        @for i in $(PKGCONFIG_SRCDIRS); do \
-            $(INSTALL_DATA) $$i/*.pc $(PKGCONFIG_DIR); \
-        done
-- 
-2.17.1
diff --git a/meta-oe/recipes-support/openldap/openldap/0001-librewrite-include-ldap_pvt_thread.h-before-redefini.patch b/meta-oe/recipes-support/openldap/openldap/0001-librewrite-include-ldap_pvt_thread.h-before-redefini.patch
deleted file mode 100644
index bcd1525b67..0000000000
--- a/meta-oe/recipes-support/openldap/openldap/0001-librewrite-include-ldap_pvt_thread.h-before-redefini.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From 79381ab335898c9184e22dd25b544adefa9bf6c5 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Mon, 7 Feb 2022 16:26:57 -0800
-Subject: [PATCH] librewrite: include ldap_pvt_thread.h before redefining
- calloc
-This helps compiling with musl, where sched.h is included by
-ldap_pvt_thread.h which provides prototype for calloc() and conflicts
-/usr/include/sched.h:84:7: error: conflicting types for 'ber_memcalloc'
-| void *calloc(size_t, size_t);
-|       ^1
-|  warning and 1 error generated.
-| ./rewrite-int.h:44:21: note: expanded from macro 'calloc'
-| #define calloc(x,y)     ber_memcalloc(x,y)
-|                         ^
-Upstream-Status: Pending
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
- libraries/librewrite/rewrite-int.h | 10 +++++-----
- 1 file changed, 5 insertions(+), 5 deletions(-)
-diff --git a/libraries/librewrite/rewrite-int.h b/libraries/librewrite/rewrite-int.h
-index 4481dd3..5ec226d 100644
--- a/libraries/librewrite/rewrite-int.h
-+++ b/libraries/librewrite/rewrite-int.h
-@@ -40,6 +40,11 @@
- 
- #include <rewrite.h>
- 
-+#ifndef NO_THREADS
-+#define USE_REWRITE_LDAP_PVT_THREADS
-+#include <ldap_pvt_thread.h>
-+#endif
-+
- #define malloc(x)      ber_memalloc(x)
- #define calloc(x,y)    ber_memcalloc(x,y)
- #define realloc(x,y)   ber_memrealloc(x,y)
-@@ -47,11 +52,6 @@
- #undef strdup
- #define        strdup(x)       ber_strdup(x)
- 
-#ifndef NO_THREADS
-#define USE_REWRITE_LDAP_PVT_THREADS
-#include <ldap_pvt_thread.h>
-#endif
-
- /*
-  * For details, see RATIONALE.
-  */
-- 
-2.35.1
diff --git a/meta-oe/recipes-support/openldap/openldap/CVE-2023-2953-1.patch b/meta-oe/recipes-support/openldap/openldap/CVE-2023-2953-1.patch
deleted file mode 100644
index 2517dac334..0000000000
--- a/meta-oe/recipes-support/openldap/openldap/CVE-2023-2953-1.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From ea8dd2d279c5aeaf9d4672a4e95bebd99babcce1 Mon Sep 17 00:00:00 2001
-From: Howard Chu <hyc@openldap.org>
-Date: Wed, 24 Aug 2022 14:40:51 +0100
-Subject: [PATCH] ITS#9904 ldif_open_url: check for ber_strdup failure
-Code present since 1999, df8f7cbb9b79be3be9205d116d1dd0b263d6861a
-Upstream-Status: Backport [https://git.openldap.org/openldap/openldap/-/commit/752d320cf96e46f24c0900f1a8f6af0a3fc3c4ce]
-CVE: CVE-2023-2953
-Signed-off-by: Ashish Sharma <asharma@mvista.com>
---
- libraries/libldap/fetch.c | 2 ++
- 1 file changed, 2 insertions(+)
-diff --git a/libraries/libldap/fetch.c b/libraries/libldap/fetch.c
-index 9e426dc647..536871bcfe 100644
--- a/libraries/libldap/fetch.c
-+++ b/libraries/libldap/fetch.c
-@@ -69,6 +69,8 @@ ldif_open_url(
-                }
- 
-                p = ber_strdup( urlstr );
-+               if ( p == NULL )
-+                       return NULL;
- 
-                /* But we should convert to LDAP_DIRSEP before use */
-                if ( LDAP_DIRSEP[0] != '/' ) {
-- 
-GitLab
diff --git a/meta-oe/recipes-support/openldap/openldap/CVE-2023-2953-2.patch b/meta-oe/recipes-support/openldap/openldap/CVE-2023-2953-2.patch
deleted file mode 100644
index 2f24df9266..0000000000
--- a/meta-oe/recipes-support/openldap/openldap/CVE-2023-2953-2.patch
+++ /dev/null
@@ -1,76 +0,0 @@
-From 3f2abd0b2eeec8522e50d5c4ea4992e70e8f9915 Mon Sep 17 00:00:00 2001
-From: Howard Chu <hyc@openldap.org>
-Date: Thu, 25 Aug 2022 16:13:21 +0100
-Subject: [PATCH] ITS#9904 ldap_url_parsehosts: check for strdup failure
-Avoid unnecessary strdup in IPv6 addr parsing, check for strdup
-failure when dup'ing scheme.
-Code present since 2000, 8da110a9e726dbc612b302feafe0109271e6bc59
-Upstream-Status: Backport [https://git.openldap.org/openldap/openldap/-/commit/6563fab9e2feccb0a684d0398e78571d09fb808b]
-CVE: CVE-2023-2953
-Signed-off-by: Ashish Sharma <asharma@mvista.com>
---
- libraries/libldap/url.c | 21 ++++++++++++---------
- 1 file changed, 12 insertions(+), 9 deletions(-)
-diff --git a/libraries/libldap/url.c b/libraries/libldap/url.c
-index 7e56564265..8df0abd044 100644
--- a/libraries/libldap/url.c
-+++ b/libraries/libldap/url.c
-@@ -1386,24 +1386,22 @@ ldap_url_parsehosts(
-                }
-                ludp->lud_port = port;
-                ludp->lud_host = specs[i];
-               specs[i] = NULL;
-                p = strchr(ludp->lud_host, ':');
-                if (p != NULL) {
-                        /* more than one :, IPv6 address */
-                        if ( strchr(p+1, ':') != NULL ) {
-                                /* allow [address] and [address]:port */
-                                if ( *ludp->lud_host == '[' ) {
-                                       p = LDAP_STRDUP(ludp->lud_host+1);
-                                       /* copied, make sure we free source later */
-                                       specs[i] = ludp->lud_host;
-                                       ludp->lud_host = p;
-                                       p = strchr( ludp->lud_host, ']' );
-+                                       p = strchr( ludp->lud_host+1, ']' );
-                                        if ( p == NULL ) {
-                                                LDAP_FREE(ludp);
-                                                ldap_charray_free(specs);
-                                                return LDAP_PARAM_ERROR;
-                                        }
-                                       *p++ = '\0';
-+                                       /* Truncate trailing ']' and shift hostname down 1 char */
-+                                       *p = '\0';
-+                                       AC_MEMCPY( ludp->lud_host, ludp->lud_host+1, p - ludp->lud_host );
-+                                       p++;
-                                        if ( *p != ':' ) {
-                                                if ( *p != '\0' ) {
-                                                        LDAP_FREE(ludp);
-@@ -1429,14 +1427,19 @@ ldap_url_parsehosts(
-                                }
-                        }
-                }
-               ldap_pvt_hex_unescape(ludp->lud_host);
-                ludp->lud_scheme = LDAP_STRDUP("ldap");
-+               if ( ludp->lud_scheme == NULL ) {
-+                       LDAP_FREE(ludp);
-+                       ldap_charray_free(specs);
-+                       return LDAP_NO_MEMORY;
-+               }
-+               specs[i] = NULL;
-+               ldap_pvt_hex_unescape(ludp->lud_host);
-                ludp->lud_next = *ludlist;
-                *ludlist = ludp;
-        }
- 
-        /* this should be an array of NULLs now */
-       /* except entries starting with [ */
-        ldap_charray_free(specs);
-        return LDAP_SUCCESS;
- }
-- 
-GitLab
diff --git a/meta-oe/recipes-support/openldap/openldap_2.5.12.bb b/meta-oe/recipes-support/openldap/openldap_2.5.16.bb
index cd29760b8c..9e9d05917d 100644
--- a/meta-oe/recipes-support/openldap/openldap_2.5.12.bb
+++ b/meta-oe/recipes-support/openldap/openldap_2.5.16.bb
@@ -19,15 +19,10 @@ SRC_URI = "http://www.openldap.org/software/download/OpenLDAP/openldap-release/$
    file://initscript \
    file://slapd.service \
    file://remove-user-host-pwd-from-version.patch \
-    file://0001-ldif-filter-fix-parallel-build-failure.patch \
    file://0001-build-top.mk-unset-STRIP_OPTS.patch \
-    file://0001-libraries-Makefile.in-ignore-the-mkdir-errors.patch \
-    file://0001-librewrite-include-ldap_pvt_thread.h-before-redefini.patch \
-    file://CVE-2023-2953-1.patch \
-    file://CVE-2023-2953-2.patch \
 "
-SRC_URI[sha256sum] = "d5086cbfc49597fa7d0670a429a9054552d441b16ee8b2435412797ab0e37b96"
+SRC_URI[sha256sum] = "546ba591822e8bb0e467d40c4d4a30f89d937c3a507fe83a578f582f6a211327"
 DEPENDS = "util-linux groff-native"

diff --git a/meta-oe/recipes-support/openldap/openldap/0001-ldif-filter-fix-parallel-build-failure.patch b/meta-oe/recipes-support/openldap/openldap/0001-ldif-filter-fix-parallel-build-failure.patch deleted file mode 100644 index b42bd9764f..0000000000 --- a/meta-oe/recipes-support/openldap/openldap/0001-ldif-filter-fix-parallel-build-failure.patch +++ /dev/null
@@ -1,32 +0,0 @@
1	From 9e4ccd1e78ceac8de1ab66ee62ee216f1fbd4956 Mon Sep 17 00:00:00 2001
2	From: Yi Zhao <yi.zhao@windriver.com>
3	Date: Thu, 2 Dec 2021 11:38:15 +0800
4	Subject: [PATCH] ldif-filter: fix parallel build failure
5
6	Add slapd-common.o as dependency for ldif-filter to fix the parallel
7	build failure:
8	ld: cannot find slapd-common.o: No such file or directory
9
10	Upstream-Status: Pending
11
12	Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
13	---
14	tests/progs/Makefile.in \| 2 +-
15	1 file changed, 1 insertion(+), 1 deletion(-)
16
17	diff --git a/tests/progs/Makefile.in b/tests/progs/Makefile.in
18	index 13f1e8be2..e4f4ccf98 100644
19	--- a/tests/progs/Makefile.in
20	+++ b/tests/progs/Makefile.in
21	@@ -56,7 +56,7 @@ slapd-modify: slapd-modify.o $(OBJS) $(XLIBS)
22	slapd-bind: slapd-bind.o $(OBJS) $(XLIBS)
23	$(LTLINK) -o $@ slapd-bind.o $(OBJS) $(LIBS)
24
25	-ldif-filter: ldif-filter.o $(XLIBS)
26	+ldif-filter: ldif-filter.o $(OBJS) $(XLIBS)
27	$(LTLINK) -o $@ ldif-filter.o $(OBJS) $(LIBS)
28
29	slapd-mtread: slapd-mtread.o $(OBJS) $(XLIBS)
30	--
31	2.25.1
32


diff --git a/meta-oe/recipes-support/openldap/openldap/0001-libraries-Makefile.in-ignore-the-mkdir-errors.patch b/meta-oe/recipes-support/openldap/openldap/0001-libraries-Makefile.in-ignore-the-mkdir-errors.patch deleted file mode 100644 index 552726bb0a..0000000000 --- a/meta-oe/recipes-support/openldap/openldap/0001-libraries-Makefile.in-ignore-the-mkdir-errors.patch +++ /dev/null
@@ -1,33 +0,0 @@
1	From 690f69791eb6cd0d7e94b4d73219ee864de27f62 Mon Sep 17 00:00:00 2001
2	From: Yi Zhao <yi.zhao@windriver.com>
3	Date: Mon, 10 Jan 2022 10:13:51 +0800
4	Subject: [PATCH] libraries/Makefile.in: ignore the mkdir errors
5
6	Ignore the mkdir errors to fix the parallel build failure:
7
8	../../build/shtool mkdir -p TOPDIR/tmp-glibc/work/cortexa15t2hf-neon-wrs-linux-gnueabi/openldap/2.5.9-r0/image/usr/lib
9	mkdir: cannot create directory 'TOPDIR/tmp-glibc/work/cortexa15t2hf-neon-wrs-linux-gnueabi/openldap/2.5.9-r0/image/usr/lib': File exists
10
11	Upstream-Status: Pending
12
13	Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
14	---
15	libraries/Makefile.in \| 2 +-
16	1 file changed, 1 insertion(+), 1 deletion(-)
17
18	diff --git a/libraries/Makefile.in b/libraries/Makefile.in
19	index d9cb2ff..c6b251f 100644
20	--- a/libraries/Makefile.in
21	+++ b/libraries/Makefile.in
22	@@ -24,7 +24,7 @@ PKGCONFIG_DIR=$(DESTDIR)$(libdir)/pkgconfig
23	PKGCONFIG_SRCDIRS=liblber libldap
24
25	install-local:
26	- @$(MKDIR) $(PKGCONFIG_DIR)
27	+ @-$(MKDIR) $(PKGCONFIG_DIR)
28	@for i in $(PKGCONFIG_SRCDIRS); do \
29	$(INSTALL_DATA) $$i/*.pc $(PKGCONFIG_DIR); \
30	done
31	--
32	2.17.1
33


diff --git a/meta-oe/recipes-support/openldap/openldap/0001-librewrite-include-ldap_pvt_thread.h-before-redefini.patch b/meta-oe/recipes-support/openldap/openldap/0001-librewrite-include-ldap_pvt_thread.h-before-redefini.patch deleted file mode 100644 index bcd1525b67..0000000000 --- a/meta-oe/recipes-support/openldap/openldap/0001-librewrite-include-ldap_pvt_thread.h-before-redefini.patch +++ /dev/null
@@ -1,54 +0,0 @@
1	From 79381ab335898c9184e22dd25b544adefa9bf6c5 Mon Sep 17 00:00:00 2001
2	From: Khem Raj <raj.khem@gmail.com>
3	Date: Mon, 7 Feb 2022 16:26:57 -0800
4	Subject: [PATCH] librewrite: include ldap_pvt_thread.h before redefining
5	calloc
6
7	This helps compiling with musl, where sched.h is included by
8	ldap_pvt_thread.h which provides prototype for calloc() and conflicts
9
10	/usr/include/sched.h:84:7: error: conflicting types for 'ber_memcalloc'
11	\| void *calloc(size_t, size_t);
12	\| ^1
13	\| warning and 1 error generated.
14	\| ./rewrite-int.h:44:21: note: expanded from macro 'calloc'
15	\| #define calloc(x,y) ber_memcalloc(x,y)
16	\| ^
17
18	Upstream-Status: Pending
19	Signed-off-by: Khem Raj <raj.khem@gmail.com>
20	---
21	libraries/librewrite/rewrite-int.h \| 10 +++++-----
22	1 file changed, 5 insertions(+), 5 deletions(-)
23
24	diff --git a/libraries/librewrite/rewrite-int.h b/libraries/librewrite/rewrite-int.h
25	index 4481dd3..5ec226d 100644
26	--- a/libraries/librewrite/rewrite-int.h
27	+++ b/libraries/librewrite/rewrite-int.h
28	@@ -40,6 +40,11 @@
29
30	#include <rewrite.h>
31
32	+#ifndef NO_THREADS
33	+#define USE_REWRITE_LDAP_PVT_THREADS
34	+#include <ldap_pvt_thread.h>
35	+#endif
36	+
37	#define malloc(x) ber_memalloc(x)
38	#define calloc(x,y) ber_memcalloc(x,y)
39	#define realloc(x,y) ber_memrealloc(x,y)
40	@@ -47,11 +52,6 @@
41	#undef strdup
42	#define strdup(x) ber_strdup(x)
43
44	-#ifndef NO_THREADS
45	-#define USE_REWRITE_LDAP_PVT_THREADS
46	-#include <ldap_pvt_thread.h>
47	-#endif
48	-
49	/*
50	* For details, see RATIONALE.
51	*/
52	--
53	2.35.1
54


diff --git a/meta-oe/recipes-support/openldap/openldap/CVE-2023-2953-1.patch b/meta-oe/recipes-support/openldap/openldap/CVE-2023-2953-1.patch deleted file mode 100644 index 2517dac334..0000000000 --- a/meta-oe/recipes-support/openldap/openldap/CVE-2023-2953-1.patch +++ /dev/null
@@ -1,30 +0,0 @@
1	From ea8dd2d279c5aeaf9d4672a4e95bebd99babcce1 Mon Sep 17 00:00:00 2001
2	From: Howard Chu <hyc@openldap.org>
3	Date: Wed, 24 Aug 2022 14:40:51 +0100
4	Subject: [PATCH] ITS#9904 ldif_open_url: check for ber_strdup failure
5
6	Code present since 1999, df8f7cbb9b79be3be9205d116d1dd0b263d6861a
7
8	Upstream-Status: Backport [https://git.openldap.org/openldap/openldap/-/commit/752d320cf96e46f24c0900f1a8f6af0a3fc3c4ce]
9	CVE: CVE-2023-2953
10	Signed-off-by: Ashish Sharma <asharma@mvista.com>
11	---
12	libraries/libldap/fetch.c \| 2 ++
13	1 file changed, 2 insertions(+)
14
15	diff --git a/libraries/libldap/fetch.c b/libraries/libldap/fetch.c
16	index 9e426dc647..536871bcfe 100644
17	--- a/libraries/libldap/fetch.c
18	+++ b/libraries/libldap/fetch.c
19	@@ -69,6 +69,8 @@ ldif_open_url(
20	}
21
22	p = ber_strdup( urlstr );
23	+ if ( p == NULL )
24	+ return NULL;
25
26	/* But we should convert to LDAP_DIRSEP before use */
27	if ( LDAP_DIRSEP[0] != '/' ) {
28	--
29	GitLab
30


diff --git a/meta-oe/recipes-support/openldap/openldap/CVE-2023-2953-2.patch b/meta-oe/recipes-support/openldap/openldap/CVE-2023-2953-2.patch deleted file mode 100644 index 2f24df9266..0000000000 --- a/meta-oe/recipes-support/openldap/openldap/CVE-2023-2953-2.patch +++ /dev/null
@@ -1,76 +0,0 @@
1	From 3f2abd0b2eeec8522e50d5c4ea4992e70e8f9915 Mon Sep 17 00:00:00 2001
2	From: Howard Chu <hyc@openldap.org>
3	Date: Thu, 25 Aug 2022 16:13:21 +0100
4	Subject: [PATCH] ITS#9904 ldap_url_parsehosts: check for strdup failure
5
6	Avoid unnecessary strdup in IPv6 addr parsing, check for strdup
7	failure when dup'ing scheme.
8
9	Code present since 2000, 8da110a9e726dbc612b302feafe0109271e6bc59
10
11	Upstream-Status: Backport [https://git.openldap.org/openldap/openldap/-/commit/6563fab9e2feccb0a684d0398e78571d09fb808b]
12	CVE: CVE-2023-2953
13	Signed-off-by: Ashish Sharma <asharma@mvista.com>
14	---
15	libraries/libldap/url.c \| 21 ++++++++++++---------
16	1 file changed, 12 insertions(+), 9 deletions(-)
17
18	diff --git a/libraries/libldap/url.c b/libraries/libldap/url.c
19	index 7e56564265..8df0abd044 100644
20	--- a/libraries/libldap/url.c
21	+++ b/libraries/libldap/url.c
22	@@ -1386,24 +1386,22 @@ ldap_url_parsehosts(
23	}
24	ludp->lud_port = port;
25	ludp->lud_host = specs[i];
26	- specs[i] = NULL;
27	p = strchr(ludp->lud_host, ':');
28	if (p != NULL) {
29	/* more than one :, IPv6 address */
30	if ( strchr(p+1, ':') != NULL ) {
31	/* allow [address] and [address]:port */
32	if ( *ludp->lud_host == '[' ) {
33	- p = LDAP_STRDUP(ludp->lud_host+1);
34	- /* copied, make sure we free source later */
35	- specs[i] = ludp->lud_host;
36	- ludp->lud_host = p;
37	- p = strchr( ludp->lud_host, ']' );
38	+ p = strchr( ludp->lud_host+1, ']' );
39	if ( p == NULL ) {
40	LDAP_FREE(ludp);
41	ldap_charray_free(specs);
42	return LDAP_PARAM_ERROR;
43	}
44	- *p++ = '\0';
45	+ /* Truncate trailing ']' and shift hostname down 1 char */
46	+ *p = '\0';
47	+ AC_MEMCPY( ludp->lud_host, ludp->lud_host+1, p - ludp->lud_host );
48	+ p++;
49	if ( *p != ':' ) {
50	if ( *p != '\0' ) {
51	LDAP_FREE(ludp);
52	@@ -1429,14 +1427,19 @@ ldap_url_parsehosts(
53	}
54	}
55	}
56	- ldap_pvt_hex_unescape(ludp->lud_host);
57	ludp->lud_scheme = LDAP_STRDUP("ldap");
58	+ if ( ludp->lud_scheme == NULL ) {
59	+ LDAP_FREE(ludp);
60	+ ldap_charray_free(specs);
61	+ return LDAP_NO_MEMORY;
62	+ }
63	+ specs[i] = NULL;
64	+ ldap_pvt_hex_unescape(ludp->lud_host);
65	ludp->lud_next = *ludlist;
66	*ludlist = ludp;
67	}
68
69	/* this should be an array of NULLs now */
70	- /* except entries starting with [ */
71	ldap_charray_free(specs);
72	return LDAP_SUCCESS;
73	}
74	--
75	GitLab
76


diff --git a/meta-oe/recipes-support/openldap/openldap_2.5.12.bb b/meta-oe/recipes-support/openldap/openldap_2.5.16.bb index cd29760b8c..9e9d05917d 100644 --- a/meta-oe/recipes-support/openldap/openldap_2.5.12.bb +++ b/meta-oe/recipes-support/openldap/openldap_2.5.16.bb
@@ -19,15 +19,10 @@ SRC_URI = "http://www.openldap.org/software/download/OpenLDAP/openldap-release/$
19	file://initscript \	19	file://initscript \
20	file://slapd.service \	20	file://slapd.service \
21	file://remove-user-host-pwd-from-version.patch \	21	file://remove-user-host-pwd-from-version.patch \
22	file://0001-ldif-filter-fix-parallel-build-failure.patch \
23	file://0001-build-top.mk-unset-STRIP_OPTS.patch \	22	file://0001-build-top.mk-unset-STRIP_OPTS.patch \
24	file://0001-libraries-Makefile.in-ignore-the-mkdir-errors.patch \
25	file://0001-librewrite-include-ldap_pvt_thread.h-before-redefini.patch \
26	file://CVE-2023-2953-1.patch \
27	file://CVE-2023-2953-2.patch \
28	"	23	"
29		24
30	SRC_URI[sha256sum] = "d5086cbfc49597fa7d0670a429a9054552d441b16ee8b2435412797ab0e37b96"	25	SRC_URI[sha256sum] = "546ba591822e8bb0e467d40c4d4a30f89d937c3a507fe83a578f582f6a211327"
31		26
32	DEPENDS = "util-linux groff-native"	27	DEPENDS = "util-linux groff-native"
33		28