Bug 602920: Use ASLR in LDAP C SDK if it's available
Status: Closed, RESOLVED FIXED
Opened 14 years ago, closed 14 years ago
Categories: Directory :: LDAP C SDK, defect
Tracking: Not tracked
People: Reporter: reed, Assigned: khuey
References: Blocks 1 open bug
Details: Whiteboard: [sg:want][tb31wants]
Attachments (2 files, 1 obsolete file):
* 26.03 KB, patch (standard8: review+, richm: review+)
* 3.31 KB, patch (richm: review+)
CERT (INFO#335902) reported to security@ that the following DLLs were not being protected by ASLR in Thunderbird:
* nsldap32v60.dll
* nsldappr32v60.dll
* nsldif32v60.dll
This might affect SeaMonkey as well.
directory/c-sdk/configure.in lives in CVS and is pulled into comm-central via a CVS tag. It seems to have its origins from NSPR, so probably can use a similar fix as NSPR in order to get this working.
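A way to verify the reported condition on a built DLL, as an added example that is not part of the bug report or the SDK's own code: it reads the PE header and reports whether the DYNAMICBASE bit (0x0040) of DllCharacteristics is set, and whether relocations were stripped (an image without them cannot be rebased). The names `aslr_status` and `constructed_pe` are hypothetical, and the sample image is a constructed header-only stub.

```python
import struct
import sys

DYNAMIC_BASE = 0x0040     # IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, set by /DYNAMICBASE
RELOCS_STRIPPED = 0x0001  # IMAGE_FILE_RELOCS_STRIPPED in the COFF Characteristics


def aslr_status(image: bytes) -> dict:
    """Report the ASLR-relevant header bits of a PE32 or PE32+ image."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not an MZ/PE image")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)  # e_lfanew
    if image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    opt = pe_off + 24  # 4-byte signature + 20-byte COFF header
    if len(image) < opt + 72:
        raise ValueError("optional header truncated")
    (coff_chars,) = struct.unpack_from("<H", image, pe_off + 22)
    (magic,) = struct.unpack_from("<H", image, opt)
    if magic not in (0x10B, 0x20B):  # PE32, PE32+
        raise ValueError("unknown optional header magic")
    # DllCharacteristics sits at offset 70 of the optional header in both formats.
    (dll_chars,) = struct.unpack_from("<H", image, opt + 70)
    dynamic_base = bool(dll_chars & DYNAMIC_BASE)
    has_relocs = not coff_chars & RELOCS_STRIPPED
    return {"dynamic_base": dynamic_base, "has_relocs": has_relocs,
            "aslr": dynamic_base and has_relocs}


def constructed_pe(dll_chars: int, coff_chars: int = 0x2102) -> bytes:
    """Header-only PE32 stub, constructed for this example (not a real DLL)."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 96, coff_chars)
    opt = bytearray(96)
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, dll_chars)
    return dos + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    # With file arguments, check real DLLs; otherwise run on the constructed stubs.
    if sys.argv[1:]:
        for path in sys.argv[1:]:
            with open(path, "rb") as fh:
                print(path, aslr_status(fh.read(4096)))
    else:
        print("no flag:", aslr_status(constructed_pe(0x0000)))
        print("DYNAMICBASE:", aslr_status(constructed_pe(0x0040)))
```

Run it with the built DLL paths as arguments to check a release build.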
Reporter • Updated 14 years ago
Summary: Use ASLR in LDAP C-SDK if it's available → Use ASLR in LDAP C SDK if it's available
Comment 1 (Assignee) • 14 years ago
Reporter • Updated 14 years ago
Assignee: nobody → khuey
Status: NEW → ASSIGNED
Comment 2 (Reporter) • 14 years ago
Comment on attachment 482088: Patch
Please use the actual code that nsprpub/configure.in is using... I think you used some code from one of the patches on the bug, which isn't the final version of what works.
>+ if test "$_CC_MAJOR_VERSION" = "14"; then
-eq
>+ elif test $_CC_MAJOR_VERSION -gt 15; then
-ge
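Review bot: across the two quoted conditions, `= "14"` matches only major version 14 and `-gt 15` starts at 16, so if these are consecutive branches a compiler reporting major version 15 takes neither one. Changing the second test to `-ge 15` closes that gap, and using `-eq` in the first keeps both comparisons numeric.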
Probably should standardize on "$var" vs. $var, but that's a problem elsewhere, as well. I prefer "$var", as spaces could break something easily, so it's better to account for them always, even when they aren't expected.
Attachment #482088 - Flags: review-
Comment 3 • 14 years ago
Marking "blocking needed" so any branch approval request on a patch gets quicker notice.
blocking1.9.1: --- → needed
blocking1.9.2: --- → needed
status1.9.1: --- → wanted
status1.9.2: --- → wanted
Comment 4 (Assignee) • 14 years ago
I copied and pasted this time.
Attachment #482088 - Attachment is obsolete: true
Attachment #484592 - Flags: review?(reed)
Updated • 14 years ago
Whiteboard: [sg:want] → [sg:want][tb31wants]
Assignee • Updated 14 years ago
Attachment #484592 - Flags: review?(reed) → review?(bugzilla)
Comment 5 • 14 years ago
Comment on attachment 484592: Patch [Checked in: Comment 6]
I've tested this and it seems to work fine. This should probably get an ok from Rich as well.
(Note that ldap is now in Mercurial, so we'll need to land this there when it gets approval, but I can manage that if you want as we'll need to land it in special places).
Attachment #484592 - Flags: review?(richm)
Attachment #484592 - Flags: review?(bugzilla)
Attachment #484592 - Flags: review+
Updated • 14 years ago
Attachment #484592 - Flags: review?(richm) → review+
Comment 6 (Assignee) • 14 years ago
Landed on default
http://hg.mozilla.org/projects/ldap-sdks/rev/59843de7769c
Please propagate this to any other tags it needs to go on, my knowledge of LDAP's release processes is non-existent.
Status: ASSIGNED → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Comment 7 (Reporter) • 14 years ago
comm-central's client.py has the following:
# LDAPSDKS
'LDAPSDKS_REPO': 'http://hg.mozilla.org/projects/ldap-sdks/',
'LDAPSDKS_REV': 'LDAPCSDK_6_0_6D_MOZILLA_RTM',
Need to create a new tag and update client.py to pull the right one.
Comment 8 • 14 years ago
(In reply to comment #7)
> comm-central's client.py has the following:
> # LDAPSDKS
> 'LDAPSDKS_REPO': 'http://hg.mozilla.org/projects/ldap-sdks/',
> 'LDAPSDKS_REV': 'LDAPCSDK_6_0_6D_MOZILLA_RTM',
>
> Need to create a new tag and update client.py to pull the right one.
Yep, I'll manage all of that.
Comment 9 • 14 years ago
(there's other things I need to address as well to get it right).
Comment 10 • 14 years ago
Attachment #501133 - Flags: review?(richm)
Comment 11 (Assignee) • 14 years ago
Bah I bet my editor screwed up tabs.
Updated • 14 years ago
Attachment #501133 - Flags: review?(richm) → review+
Comment 12 • 14 years ago
Comment on attachment 501133: (Bv1) Fix version check, And indentation [Checked in: Comment 12]
http://hg.mozilla.org/projects/ldap-sdks/rev/d8ba98779eb3
Attachment #501133 - Attachment description: (Bv1) Fix version check, And indentation → (Bv1) Fix version check, And indentation [Checked in: Comment 12]
Updated • 14 years ago
Attachment #484592 - Attachment description: Patch → Patch [Checked in: Comment 6]
Comment 13 • 14 years ago
FTR Bug 623497 is updating trunk to use a new version of LDAP c-sdk and hence picking this up there.
Bug 623498 is picking this up on the branches for Thunderbird and SeaMonkey.
Comment 14 • 14 years ago
I've now landed these patches in cvs and in ldap:
2011-01-17 03:31 bugzilla%standard8.plus.com mozilla/directory/c-sdk/configure 5.80.2.1 LDAPCSDK_6_0_6D_BRANCH 67/48 Bug 602920 Use ASLR in LDAP C SDK if it's available. p=Kyle Huey <khuey@kylehuey.com>,r=Standard8,r=richm
2011-01-17 03:23 bugzilla%standard8.plus.com mozilla/directory/c-sdk/configure.in 5.74.2.1 LDAPCSDK_6_0_6D_BRANCH 25/3
http://hg.mozilla.org/projects/ldap-sdks/rev/1ecd9e38ee28
They are both tagged LDAPCSDK_6_0_6E_MOZILLA_RTM
Bug 623498 will handle the necessary client.py changes.
Comment 15 • 14 years ago
Branch fields aren't really relevant in this product, fixed on the right branches with bug 623498
blocking1.9.1: needed → ---
blocking1.9.2: needed → ---
status1.9.1: wanted → ---
status1.9.2: wanted → ---