Updated ding-libs packages that fix two bugs are now available for Red Hat Enterprise Linux 6.
The ding-libs packages contain a set of libraries used by the System Security Services Daemon (SSSD) and other projects and provide functions to manipulate filesystem pathnames (libpath_utils), a hash table to manage storage and access time properties (libdhash), a data type to collect data in a hierarchical structure (libcollection), a dynamically growing, reference-counted array (libref_array), and a library to process configuration files in initialization format (INI) into a library collection data structure (libini_config).
Prior to this update, memory could become corrupted if the initial table size exceeded 1024 buckets. This update modifies libdhash so that large initial table sizes now correctly allocate memory.
Prior to this update, buffers were filled and one character above the allocated size would be set to the null terminator if the combination of two strings,concatenated by the function path_concat(), exceeded the size of the destination buffer. This update modifies the underlying code so that the null terminator is no longer added after the end of the buffer.
All users of ding-libs are advised to upgrade to these updated packages, which fix these bugs.