diff options
| author | Rich Megginson <rmeggins@redhat.com> | 2005-08-30 21:21:20 +0000 |
|---|---|---|
| committer | Rich Megginson <rmeggins@redhat.com> | 2005-08-30 21:21:20 +0000 |
| commit | 016e69cc4cad43d781c497fd9d49b306350a7c40 (patch) | |
| tree | bbc30a363b90aa0ac2eda2490825e43ea27768aa | |
| parent | 5fcb395f5579d83f229fb2a28fd0b1f9dbb50fa8 (diff) | |
| download | ds-016e69cc4cad43d781c497fd9d49b306350a7c40.tar.gz ds-016e69cc4cad43d781c497fd9d49b306350a7c40.tar.xz ds-016e69cc4cad43d781c497fd9d49b306350a7c40.zip | |
Bug(s) fixed: 165641
Bug Description: ./ns-slapd crashes on bind containing invalid dn and password
Reviewed by: Noriko (Thanks!)
Branch: HEAD
Fix Description: It's really crashing on the search request. The problem is that the server assumes all strings are encoded in utf8 format, since that is the only encoding allowed by the LDAP standards. Non-utf8 works in most places except the function slapi_utf8StrToLower(), which returns NULL given a string of non-utf8 bytes. The fix for this particular problem is to check for a NULL return value and handle accordingly.
The real solution to this problem would be for the server to check for valid utf8 strings in _all_ LDAP data, according to the syntax of the attribute (e.g. for binary or octet string syntax data, and other binary formats, all bets are off, but then we shouldn't be doing strtolower on these blobs either).
And, while we're at it, add data validation based on syntax for _all_ attributes e.g. in a pre-op.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
| -rw-r--r-- | ldap/servers/slapd/back-ldbm/ldbm_attr.c | 2 | ||||
| -rw-r--r-- | ldap/servers/slapd/filtercmp.c | 3 |
2 files changed, 3 insertions, 2 deletions
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_attr.c b/ldap/servers/slapd/back-ldbm/ldbm_attr.c index af53e796..d6a3d169 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_attr.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_attr.c @@ -632,7 +632,7 @@ ldbm_compute_rewriter(Slapi_PBlock *pb) if ( NULL != fstr ) { char *lc_fstr = (char *)slapi_utf8StrToLower( (unsigned char *)fstr ); - if (string_find(lc_fstr,"subordinates")) { + if (lc_fstr && string_find(lc_fstr,"subordinates")) { Slapi_Filter *f = NULL; /* Look for special filters we want to leave alone */ if (0 == strcmp(lc_fstr, "(&(numsubordinates=*)(numsubordinates>=1))" )) { diff --git a/ldap/servers/slapd/filtercmp.c b/ldap/servers/slapd/filtercmp.c index b820563e..78ce6d59 100644 --- a/ldap/servers/slapd/filtercmp.c +++ b/ldap/servers/slapd/filtercmp.c @@ -64,7 +64,8 @@ static PRUint32 addhash_casestr(PRUint32 hash, char *data) unsigned char *normstr; normstr = slapi_utf8StrToLower((unsigned char *)data); - hash = addhash(hash, normstr, strlen((char *)normstr)); + hash = addhash(hash, normstr, + normstr ? strlen((char *)normstr) : 0); if ((char *)normstr != data) slapi_ch_free((void **)&normstr); return hash; |