diff options
| author | Rich Megginson <rmeggins@redhat.com> | 2007-10-19 15:36:01 +0000 |
|---|---|---|
| committer | Rich Megginson <rmeggins@redhat.com> | 2007-10-19 15:36:01 +0000 |
| commit | 84adaec98d576be54fdbe510a0863f0f1e9be89e (patch) | |
| tree | 55a1e0d4dd1b151329d906abb4385241936b04e9 | |
| parent | f1a636b3c5074b4a6ea64f75cd2dc21a6167941d (diff) | |
| download | ds-84adaec98d576be54fdbe510a0863f0f1e9be89e.tar.gz ds-84adaec98d576be54fdbe510a0863f0f1e9be89e.tar.xz ds-84adaec98d576be54fdbe510a0863f0f1e9be89e.zip | |
Resolves: bug 297221
Description: rhds71 Malformed Dynamic Authorization Group makes Directory Server Crash
Reviewed by: supplemental
Fix Description: In some cases, it is ok if the filter is NULL. So just allow NULL in those cases. slapi_str2filter must take either NULL or a writable string, so make sure we pass those in correctly.
| -rw-r--r-- | ldap/servers/plugins/acl/aclanom.c | 10 | ||||
| -rw-r--r-- | ldap/servers/plugins/acl/acllas.c | 8 | ||||
| -rw-r--r-- | ldap/servers/plugins/statechange/statechange.c | 5 | ||||
| -rw-r--r-- | ldap/servers/slapd/plugin_internal_op.c | 2 |
4 files changed, 19 insertions, 6 deletions
diff --git a/ldap/servers/plugins/acl/aclanom.c b/ldap/servers/plugins/acl/aclanom.c index 02efd231..e783c54d 100644 --- a/ldap/servers/plugins/acl/aclanom.c +++ b/ldap/servers/plugins/acl/aclanom.c @@ -238,8 +238,16 @@ aclanom_gen_anomProfile (acl_lock_flag_t lock_flag) } a_profile->anom_targetinfo[a_numacl].anom_filter = NULL; - if ( aci->targetFilterStr ) + if ( aci->targetFilterStr ) { a_profile->anom_targetinfo[a_numacl].anom_filter = slapi_str2filter ( aci->targetFilterStr ); + if (NULL == a_profile->anom_targetinfo[a_numacl].anom_filter) { + const char *dn = slapi_sdn_get_dn ( aci->aci_sdn ); + slapi_log_error(SLAPI_LOG_FATAL, plugin_name, + "Error: invalid filter [%s] in anonymous aci in entry [%s]\n", + aci->targetFilterStr, dn); + goto cleanup; + } + } i = 0; srcattrArray = aci->targetAttr; diff --git a/ldap/servers/plugins/acl/acllas.c b/ldap/servers/plugins/acl/acllas.c index 8eedc998..1b04215c 100644 --- a/ldap/servers/plugins/acl/acllas.c +++ b/ldap/servers/plugins/acl/acllas.c @@ -3027,7 +3027,7 @@ acllas__client_match_URL (struct acl_pblock *aclpb, char *n_clientdn, char *url /* Convert the filter string */ f = slapi_str2filter ( ludp->lud_filter ); - if (f == NULL) { /* bogus filter */ + if (ludp->lud_filter && (f == NULL)) { /* bogus filter */ slapi_log_error(SLAPI_LOG_FATAL, plugin_name, "DS_LASUserAttrEval: The member URL search filter in entry [%s] is not valid: [%s]\n", n_clientdn, ludp->lud_filter); @@ -3036,8 +3036,8 @@ acllas__client_match_URL (struct acl_pblock *aclpb, char *n_clientdn, char *url } rc = ACL_TRUE; - if (0 != slapi_vattr_filter_test ( aclpb->aclpb_pblock, - aclpb->aclpb_client_entry, f, 0 /* no acces chk */ )) + if (f && (0 != slapi_vattr_filter_test ( aclpb->aclpb_pblock, + aclpb->aclpb_client_entry, f, 0 /* no acces chk */ ))) rc = ACL_FALSE; ldap_free_urldesc( ludp ); @@ -3843,6 +3843,8 @@ static int acllas_eval_one_target_filter( char * str, Slapi_Entry *e) { int rc = ACL_FALSE; Slapi_Filter *f = NULL; + PR_ASSERT(str); + if ((f = slapi_str2filter(str)) == NULL) { slapi_log_error(SLAPI_LOG_FATAL, plugin_name, "Warning: Bad targetfilter(%s) in aci: does not match\n", str); diff --git a/ldap/servers/plugins/statechange/statechange.c b/ldap/servers/plugins/statechange/statechange.c index e2e1ca50..89809de3 100644 --- a/ldap/servers/plugins/statechange/statechange.c +++ b/ldap/servers/plugins/statechange/statechange.c @@ -331,7 +331,8 @@ static int _statechange_register(char *caller_id, char *dn, char *filter, void * item->dn = 0; item->filter = slapi_ch_strdup(filter); item->caller_data = caller_data; - if (NULL == (item->realfilter = slapi_str2filter(writable_filter))) { + if (writable_filter && + (NULL == (item->realfilter = slapi_str2filter(writable_filter)))) { slapi_log_error(SLAPI_LOG_FATAL, SCN_PLUGIN_SUBSYSTEM, "Error: invalid filter in statechange entry [%s]: [%s]\n", dn, filter); @@ -341,6 +342,8 @@ static int _statechange_register(char *caller_id, char *dn, char *filter, void * slapi_ch_free_string(&writable_filter); slapi_ch_free((void **)&item); return -1; + } else if (!writable_filter) { + item->realfilter = NULL; } item->func = func; diff --git a/ldap/servers/slapd/plugin_internal_op.c b/ldap/servers/slapd/plugin_internal_op.c index 30aa1101..f3e001dd 100644 --- a/ldap/servers/slapd/plugin_internal_op.c +++ b/ldap/servers/slapd/plugin_internal_op.c @@ -719,7 +719,7 @@ static int search_internal_callback_pb (Slapi_PBlock *pb, void *callback_data, op->o_search_entry_handler = internal_srch_entry_callback; op->o_search_referral_handler = internal_ref_entry_callback; - filter = slapi_str2filter(ifstr ? (fstr = slapi_ch_strdup(ifstr)) : ""); + filter = slapi_str2filter(ifstr ? (fstr = slapi_ch_strdup(ifstr)) : NULL); if(scope == LDAP_SCOPE_BASE) filter->f_flags |= (SLAPI_FILTER_LDAPSUBENTRY | SLAPI_FILTER_TOMBSTONE); if (NULL == filter) { |