diff options
author | Noriko Hosoi <nhosoi@redhat.com> | 2008-06-30 17:28:16 +0000 |
---|---|---|
committer | Noriko Hosoi <nhosoi@redhat.com> | 2008-06-30 17:28:16 +0000 |
commit | ab2d605d10f34442cb561bf0d88d1e497f0eb0f4 (patch) | |
tree | b9f44d6f67ea199e2e2edef09ce29fba6c275e39 /ldap/servers/plugins/acl | |
parent | 70425fbcea96d1b477fea27eca67fb7e828c446e (diff) | |
download | ds-ab2d605d10f34442cb561bf0d88d1e497f0eb0f4.tar.gz ds-ab2d605d10f34442cb561bf0d88d1e497f0eb0f4.tar.xz ds-ab2d605d10f34442cb561bf0d88d1e497f0eb0f4.zip |
Resoves: #448831
Summary: attacker can tie up CPU in regex code
Description: when substring search is requested, sets the time limit based upon
the nsslapd-timelimit value. Pass the timelimit (time_up) to the regular
expression function. When the time is up, it returns the "Timelimit exceeded"
error. Note: timelimit is applied non-Directory Manager users.
Diffstat (limited to 'ldap/servers/plugins/acl')
-rw-r--r-- | ldap/servers/plugins/acl/acl.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ldap/servers/plugins/acl/acl.c b/ldap/servers/plugins/acl/acl.c index 120e70db..5262ca3e 100644 --- a/ldap/servers/plugins/acl/acl.c +++ b/ldap/servers/plugins/acl/acl.c @@ -3253,7 +3253,7 @@ acl_match_substring ( Slapi_Filter *f, char *str, int exact_match) ** matching, it seems that step() is leaking 1036 bytes/search ** I couldn't figure out why it's leaking. */ - rc = slapd_re_exec( realval ); + rc = slapd_re_exec( realval, -1 /* no timelimit */ ); slapd_re_unlock(); |