From ad8552363f6398de6bfd09829ab18585313bb8df Mon Sep 17 00:00:00 2001
From: Noriko Hosoi
Date: Thu, 2 Feb 2012 14:14:15 -0800
Subject: [PATCH] Trac Ticket #275 - Invalid read reported by valgrind
https://fedorahosted.org/389/ticket/275
Fix description: Since the matching rule type could be normalized and the original string could be freed in filter_normalize_ext, the type needs to have a duplicated string (bitwise.c, plugin_mr.c). Filter_ava functions and filter_sub functions in the syntax plugins need to check if the passed pblock is NULL or not before accessing it.
---
 ldap/servers/plugins/bitwise/bitwise.c | 3 ++-
 ldap/servers/plugins/syntaxes/bitstring.c | 14 ++++++++------
 ldap/servers/plugins/syntaxes/ces.c | 11 +++++++----
 ldap/servers/plugins/syntaxes/cis.c | 11 +++++++----
 ldap/servers/plugins/syntaxes/deliverymethod.c | 11 +++++++----
 ldap/servers/plugins/syntaxes/dn.c | 9 ++++++---
 ldap/servers/plugins/syntaxes/facsimile.c | 11 +++++++----
 ldap/servers/plugins/syntaxes/guide.c | 11 +++++++----
 ldap/servers/plugins/syntaxes/int.c | 9 ++++++---
 ldap/servers/plugins/syntaxes/nameoptuid.c | 11 +++++++----
 ldap/servers/plugins/syntaxes/numericstring.c | 9 ++++++---
 ldap/servers/plugins/syntaxes/sicis.c | 11 +++++++----
 ldap/servers/plugins/syntaxes/string.c | 17 +++++++++++------
 ldap/servers/plugins/syntaxes/tel.c | 11 +++++++----
 ldap/servers/plugins/syntaxes/teletex.c | 11 +++++++----
 ldap/servers/plugins/syntaxes/telex.c | 9 ++++++---
 ldap/servers/slapd/plugin_mr.c | 8 ++++----
 ldap/servers/slapd/search.c | 3 +++
 18 files changed, 115 insertions(+), 65 deletions(-)
diff --git a/ldap/servers/plugins/bitwise/bitwise.c b/ldap/servers/plugins/bitwise/bitwise.c
index 190e26d..4672541 100644
--- a/ldap/servers/plugins/bitwise/bitwise.c
+++ b/ldap/servers/plugins/bitwise/bitwise.c
@@ -69,7 +69,7 @@ static struct bitwise_match_cb * new_bitwise_match_cb(char *type, struct berval *val) { struct bitwise_match_cb *bmc = (struct bitwise_match_cb *)slapi_ch_calloc(1, sizeof(struct bitwise_match_cb)); - bmc->type = type; + bmc->type = slapi_ch_strdup(type); bmc->val = val; return bmc; @@ -78,6 +78,7 @@ new_bitwise_match_cb(char *type, struct berval *val) static void delete_bitwise_match_cb(struct bitwise_match_cb *bmc) { + slapi_ch_free_string(&bmc->type); slapi_ch_free((void **)&bmc); } diff --git a/ldap/servers/plugins/syntaxes/bitstring.c b/ldap/servers/plugins/syntaxes/bitstring.c index 2366ffd..15e946b 100644 --- a/ldap/servers/plugins/syntaxes/bitstring.c +++ b/ldap/servers/plugins/syntaxes/bitstring.c @@ -153,17 +153,19 @@ bitstring_filter_ava( struct berval *bvfilter, Slapi_Value **bvals, int ftype, - Slapi_Value **retVal + Slapi_Value **retVal ) { int filter_normalized = 0; int syntax = SYNTAX_CES; - slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, &filter_normalized ); - if (filter_normalized) { - syntax |= SYNTAX_NORM_FILT; + if (pb) { + slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, + &filter_normalized ); + if (filter_normalized) { + syntax |= SYNTAX_NORM_FILT; + } } - return( string_filter_ava( bvfilter, bvals, syntax, - ftype, retVal ) ); + return( string_filter_ava( bvfilter, bvals, syntax, ftype, retVal ) ); } diff --git a/ldap/servers/plugins/syntaxes/ces.c b/ldap/servers/plugins/syntaxes/ces.c index 0571836..626cb7c 100644 --- a/ldap/servers/plugins/syntaxes/ces.c +++ b/ldap/servers/plugins/syntaxes/ces.c 
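Review bot: `bmc->val = val;` in new_bitwise_match_cb is still a borrowed pointer, while `type` on the line above is now an owned copy. If filter_normalize_ext (named in the commit message) can also replace or free the assertion value, the same invalid read remains possible through `val`; the same question applies to `mrpriv->value = value;` in mr_private_new in plugin_mr.c. Confirm the value's lifetime, and record the ownership next to the assignments, e.g. `/* type is an owned copy; val is borrowed from the filter and must outlive bmc */`.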
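Review bot: delete_bitwise_match_cb now evaluates `&bmc->type` before the struct is freed, so a NULL `bmc` faults here, whereas the previous body only passed `&bmc` to slapi_ch_free. The callers are not visible in this hunk, so whether NULL can arrive is unconfirmed. A guard keeps the destructor safe either way: `if (bmc) { slapi_ch_free_string(&bmc->type); slapi_ch_free((void **)&bmc); }`.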
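Review bot: The NULL-pblock guard added in bitstring_filter_ava is pasted verbatim into every other *_filter_ava hunk of this patch (ces.c, cis.c, deliverymethod.c, dn.c, facsimile.c, guide.c, int.c, nameoptuid.c, numericstring.c, sicis.c, tel.c, teletex.c, telex.c), so any later change to the NULL handling has to be made in fourteen places. A single helper next to string_filter_ava in string.c, declared in whatever header the syntax plugins already share, would keep the rule in one spot and give a place to document that a NULL pb is treated as "filter not normalized". The helper name below is only a suggestion, and the return value of slapi_pblock_get is ignored exactly as in the patch.

```c
/* Returns SYNTAX_NORM_FILT when the pblock marks the filter value as
 * already normalized; a NULL pb is treated as "not normalized". */
int
syntax_norm_filt_flag( Slapi_PBlock *pb )
{
	int filter_normalized = 0;

	if (pb) {
		slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED,
		                  &filter_normalized );
	}
	return filter_normalized ? SYNTAX_NORM_FILT : 0;
}

/* … unchanged: bitstring_filter_ava signature … */
	int syntax = SYNTAX_CES | syntax_norm_filt_flag( pb );
	return( string_filter_ava( bvfilter, bvals, syntax, ftype, retVal ) );
```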
@@ -297,14 +297,17 @@ ces_filter_ava( struct berval *bvfilter, Slapi_Value **bvals, int ftype, - Slapi_Value **retVal + Slapi_Value **retVal ) { int filter_normalized = 0; int syntax = SYNTAX_CES; - slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, &filter_normalized ); - if (filter_normalized) { - syntax |= SYNTAX_NORM_FILT; + if (pb) { + slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, + &filter_normalized ); + if (filter_normalized) { + syntax |= SYNTAX_NORM_FILT; + } } return( string_filter_ava( bvfilter, bvals, syntax, ftype, retVal) ); diff --git a/ldap/servers/plugins/syntaxes/cis.c b/ldap/servers/plugins/syntaxes/cis.c index 71e7a7c..c914fd6 100644 --- a/ldap/servers/plugins/syntaxes/cis.c +++ b/ldap/servers/plugins/syntaxes/cis.c @@ -561,14 +561,17 @@ cis_filter_ava( struct berval *bvfilter, Slapi_Value **bvals, int ftype, - Slapi_Value **retVal + Slapi_Value **retVal ) { int filter_normalized = 0; int syntax = SYNTAX_CIS; - slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, &filter_normalized ); - if (filter_normalized) { - syntax |= SYNTAX_NORM_FILT; + if (pb) { + slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, + &filter_normalized ); + if (filter_normalized) { + syntax |= SYNTAX_NORM_FILT; + } } return( string_filter_ava( bvfilter, bvals, syntax, ftype, retVal ) ); diff --git a/ldap/servers/plugins/syntaxes/deliverymethod.c b/ldap/servers/plugins/syntaxes/deliverymethod.c index 99ee59a..a763874 100644 --- a/ldap/servers/plugins/syntaxes/deliverymethod.c +++ b/ldap/servers/plugins/syntaxes/deliverymethod.c 
@@ -118,14 +118,17 @@ delivery_filter_ava( struct berval *bvfilter, Slapi_Value **bvals, int ftype, - Slapi_Value **retVal + Slapi_Value **retVal ) { int filter_normalized = 0; int syntax = SYNTAX_CIS; - slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, &filter_normalized ); - if (filter_normalized) { - syntax |= SYNTAX_NORM_FILT; + if (pb) { + slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, + &filter_normalized ); + if (filter_normalized) { + syntax |= SYNTAX_NORM_FILT; + } } return( string_filter_ava( bvfilter, bvals, syntax, ftype, retVal ) ); diff --git a/ldap/servers/plugins/syntaxes/dn.c b/ldap/servers/plugins/syntaxes/dn.c index bcf951a..37c1fba 100644 --- a/ldap/servers/plugins/syntaxes/dn.c +++ b/ldap/servers/plugins/syntaxes/dn.c @@ -153,9 +153,12 @@ dn_filter_ava( Slapi_PBlock *pb, struct berval *bvfilter, { int filter_normalized = 0; int syntax = SYNTAX_CIS | SYNTAX_DN; - slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, &filter_normalized ); - if (filter_normalized) { - syntax |= SYNTAX_NORM_FILT; + if (pb) { + slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, + &filter_normalized ); + if (filter_normalized) { + syntax |= SYNTAX_NORM_FILT; + } } return( string_filter_ava( bvfilter, bvals, syntax, ftype, retVal ) ); } diff --git a/ldap/servers/plugins/syntaxes/facsimile.c b/ldap/servers/plugins/syntaxes/facsimile.c index 21db4b1..cb57f1e 100644 --- a/ldap/servers/plugins/syntaxes/facsimile.c +++ b/ldap/servers/plugins/syntaxes/facsimile.c 
@@ -118,14 +118,17 @@ facsimile_filter_ava( struct berval *bvfilter, Slapi_Value **bvals, int ftype, - Slapi_Value **retVal + Slapi_Value **retVal ) { int filter_normalized = 0; int syntax = SYNTAX_CIS; - slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, &filter_normalized ); - if (filter_normalized) { - syntax |= SYNTAX_NORM_FILT; + if (pb) { + slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, + &filter_normalized ); + if (filter_normalized) { + syntax |= SYNTAX_NORM_FILT; + } } return( string_filter_ava( bvfilter, bvals, syntax, ftype, retVal ) ); diff --git a/ldap/servers/plugins/syntaxes/guide.c b/ldap/servers/plugins/syntaxes/guide.c index 3222083..a870c87 100644 --- a/ldap/servers/plugins/syntaxes/guide.c +++ b/ldap/servers/plugins/syntaxes/guide.c @@ -165,14 +165,17 @@ guide_filter_ava( struct berval *bvfilter, Slapi_Value **bvals, int ftype, - Slapi_Value **retVal + Slapi_Value **retVal ) { int filter_normalized = 0; int syntax = SYNTAX_CIS; - slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, &filter_normalized ); - if (filter_normalized) { - syntax |= SYNTAX_NORM_FILT; + if (pb) { + slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, + &filter_normalized ); + if (filter_normalized) { + syntax |= SYNTAX_NORM_FILT; + } } return( string_filter_ava( bvfilter, bvals, syntax, ftype, retVal ) ); diff --git a/ldap/servers/plugins/syntaxes/int.c b/ldap/servers/plugins/syntaxes/int.c index e8b8817..e6fc09c 100644 --- a/ldap/servers/plugins/syntaxes/int.c +++ b/ldap/servers/plugins/syntaxes/int.c 
@@ -167,9 +167,12 @@ int_filter_ava( Slapi_PBlock *pb, struct berval *bvfilter, { int filter_normalized = 0; int syntax = SYNTAX_INT | SYNTAX_CES; - slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, &filter_normalized ); - if (filter_normalized) { - syntax |= SYNTAX_NORM_FILT; + if (pb) { + slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, + &filter_normalized ); + if (filter_normalized) { + syntax |= SYNTAX_NORM_FILT; + } } return( string_filter_ava( bvfilter, bvals, syntax, ftype, retVal ) ); diff --git a/ldap/servers/plugins/syntaxes/nameoptuid.c b/ldap/servers/plugins/syntaxes/nameoptuid.c index b5a615e..e6341e1 100644 --- a/ldap/servers/plugins/syntaxes/nameoptuid.c +++ b/ldap/servers/plugins/syntaxes/nameoptuid.c @@ -158,14 +158,17 @@ nameoptuid_filter_ava( struct berval *bvfilter, Slapi_Value **bvals, int ftype, - Slapi_Value **retVal + Slapi_Value **retVal ) { int filter_normalized = 0; int syntax = SYNTAX_CIS | SYNTAX_DN; - slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, &filter_normalized ); - if (filter_normalized) { - syntax |= SYNTAX_NORM_FILT; + if (pb) { + slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, + &filter_normalized ); + if (filter_normalized) { + syntax |= SYNTAX_NORM_FILT; + } } return( string_filter_ava( bvfilter, bvals, syntax, ftype, retVal ) ); diff --git a/ldap/servers/plugins/syntaxes/numericstring.c b/ldap/servers/plugins/syntaxes/numericstring.c index 4da67a6..93528fb 100644 --- a/ldap/servers/plugins/syntaxes/numericstring.c +++ b/ldap/servers/plugins/syntaxes/numericstring.c 
@@ -173,9 +173,12 @@ numstr_filter_ava( Slapi_PBlock *pb, struct berval *bvfilter, { int filter_normalized = 0; int syntax = SYNTAX_SI | SYNTAX_CES; - slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, &filter_normalized ); - if (filter_normalized) { - syntax |= SYNTAX_NORM_FILT; + if (pb) { + slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, + &filter_normalized ); + if (filter_normalized) { + syntax |= SYNTAX_NORM_FILT; + } } return( string_filter_ava( bvfilter, bvals, syntax, ftype, retVal ) ); diff --git a/ldap/servers/plugins/syntaxes/sicis.c b/ldap/servers/plugins/syntaxes/sicis.c index 3608d2c..74074b9 100644 --- a/ldap/servers/plugins/syntaxes/sicis.c +++ b/ldap/servers/plugins/syntaxes/sicis.c @@ -121,14 +121,17 @@ sicis_filter_ava( struct berval *bvfilter, Slapi_Value **bvals, int ftype, - Slapi_Value **retVal + Slapi_Value **retVal ) { int filter_normalized = 0; int syntax = SYNTAX_SI | SYNTAX_CIS; - slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, &filter_normalized ); - if (filter_normalized) { - syntax |= SYNTAX_NORM_FILT; + if (pb) { + slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, + &filter_normalized ); + if (filter_normalized) { + syntax |= SYNTAX_NORM_FILT; + } } return( string_filter_ava( bvfilter, bvals, syntax, ftype, retVal ) ); diff --git a/ldap/servers/plugins/syntaxes/string.c b/ldap/servers/plugins/syntaxes/string.c index 3840c2e..80a1a46 100644 --- a/ldap/servers/plugins/syntaxes/string.c +++ b/ldap/servers/plugins/syntaxes/string.c 
@@ -236,9 +236,10 @@ string_filter_sub( Slapi_PBlock *pb, char *initial, char **any, char *final, int free_re = 1; struct subfilt *sf = NULL; - LDAPDebug( LDAP_DEBUG_FILTER, "=> string_filter_sub\n", - 0, 0, 0 ); - slapi_pblock_get( pb, SLAPI_OPERATION, &op ); + LDAPDebug( LDAP_DEBUG_FILTER, "=> string_filter_sub\n", 0, 0, 0 ); + if (pb) { + slapi_pblock_get( pb, SLAPI_OPERATION, &op ); + } if (NULL != op) { slapi_pblock_get( pb, SLAPI_SEARCH_TIMELIMIT, &timelimit ); slapi_pblock_get( pb, SLAPI_OPINITIATED_TIME, &optime ); @@ -251,8 +252,10 @@ string_filter_sub( Slapi_PBlock *pb, char *initial, char **any, char *final, */ time_up = ( timelimit==-1 ? -1 : optime + timelimit); - slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, &filter_normalized ); - slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_DATA, &sf ); + if (pb) { + slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, &filter_normalized ); + slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_DATA, &sf ); + } if ( sf ) { re = (Slapi_Regex *)sf->sf_private; if ( re ) { @@ -757,7 +760,9 @@ string_assertion2keys_sub( char *oaltfinal = NULL; int anysize = 0; - slapi_pblock_get(pb, SLAPI_SYNTAX_SUBSTRLENS, &substrlens); + if (pb) { + slapi_pblock_get(pb, SLAPI_SYNTAX_SUBSTRLENS, &substrlens); + } if (NULL == substrlens) { substrlens = localsublens; diff --git a/ldap/servers/plugins/syntaxes/tel.c b/ldap/servers/plugins/syntaxes/tel.c index 65b6ddd..b1e7da5 100644 --- a/ldap/servers/plugins/syntaxes/tel.c +++ b/ldap/servers/plugins/syntaxes/tel.c 
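Review bot: With `pb` NULL, string_filter_sub now depends entirely on the declared initial value of `op`, whose declaration is outside this hunk. If `op` is not initialised to NULL, `if (NULL != op)` tests an indeterminate pointer and the two `slapi_pblock_get( pb, ... )` calls inside it can still run with a NULL `pb`. The same reliance applies to `filter_normalized` in the @@ -251 hunk and to `substrlens` before `if (NULL == substrlens)` in string_assertion2keys_sub (@@ -757). Please confirm each is initialised at its declaration and note the dependency at the guard, e.g. `/* pb may be NULL: op stays NULL and the no-timelimit path is taken */`.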
@@ -179,14 +179,17 @@ tel_filter_ava( struct berval *bvfilter, Slapi_Value **bvals, int ftype, - Slapi_Value **retVal + Slapi_Value **retVal ) { int filter_normalized = 0; int syntax = SYNTAX_TEL | SYNTAX_CIS; - slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, &filter_normalized ); - if (filter_normalized) { - syntax |= SYNTAX_NORM_FILT; + if (pb) { + slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, + &filter_normalized ); + if (filter_normalized) { + syntax |= SYNTAX_NORM_FILT; + } } return( string_filter_ava( bvfilter, bvals, syntax, ftype, retVal ) ); diff --git a/ldap/servers/plugins/syntaxes/teletex.c b/ldap/servers/plugins/syntaxes/teletex.c index 3e328a9..b70a193 100644 --- a/ldap/servers/plugins/syntaxes/teletex.c +++ b/ldap/servers/plugins/syntaxes/teletex.c @@ -118,14 +118,17 @@ teletex_filter_ava( struct berval *bvfilter, Slapi_Value **bvals, int ftype, - Slapi_Value **retVal + Slapi_Value **retVal ) { int filter_normalized = 0; int syntax = SYNTAX_CIS; - slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, &filter_normalized ); - if (filter_normalized) { - syntax |= SYNTAX_NORM_FILT; + if (pb) { + slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, + &filter_normalized ); + if (filter_normalized) { + syntax |= SYNTAX_NORM_FILT; + } } return( string_filter_ava( bvfilter, bvals, syntax, ftype, retVal ) ); diff --git a/ldap/servers/plugins/syntaxes/telex.c b/ldap/servers/plugins/syntaxes/telex.c index 6803810..1254f88 100644 --- a/ldap/servers/plugins/syntaxes/telex.c +++ b/ldap/servers/plugins/syntaxes/telex.c 
@@ -122,9 +122,12 @@ telex_filter_ava( { int filter_normalized = 0; int syntax = SYNTAX_CIS; - slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, &filter_normalized ); - if (filter_normalized) { - syntax |= SYNTAX_NORM_FILT; + if (pb) { + slapi_pblock_get( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, + &filter_normalized ); + if (filter_normalized) { + syntax |= SYNTAX_NORM_FILT; + } } return( string_filter_ava( bvfilter, bvals, syntax, ftype, retVal ) ); diff --git a/ldap/servers/slapd/plugin_mr.c b/ldap/servers/slapd/plugin_mr.c index 12dece7..ff962ef 100644 --- a/ldap/servers/slapd/plugin_mr.c +++ b/ldap/servers/slapd/plugin_mr.c @@ -59,7 +59,7 @@ struct mr_private { below are not used */ const struct slapdplugin *pi; /* our plugin */ const char *oid; /* orig oid */ - const char *type; /* orig type from filter */ + char *type; /* orig type from filter */ const struct berval *value; /* orig value from filter */ int ftype; /* filter type */ int op; /* query op type */ @@ -244,7 +244,7 @@ mr_private_new(const struct slapdplugin *pi, const char *oid, const char *type, mrpriv = (struct mr_private *)slapi_ch_calloc(1, sizeof(struct mr_private)); mrpriv->pi = pi; mrpriv->oid = oid; /* should be consistent for lifetime of usage - no copy necessary */ - mrpriv->type = type; /* should be consistent for lifetime of usage - no copy necessary */ + mrpriv->type = slapi_ch_strdup(type); /* should be consistent for lifetime of usage - copy it since it could be normalized in filter_normalize_ext */ mrpriv->value = value; /* should be consistent for lifetime of usage - no copy necessary */ mrpriv->ftype = ftype; mrpriv->op = op; @@ -271,7 +271,7 @@ mr_private_done(struct mr_private *mrpriv) if (mrpriv) { mrpriv->pi = NULL; mrpriv->oid = NULL; - mrpriv->type = NULL; + slapi_ch_free_string(&mrpriv->type); mrpriv->value = NULL; mrpriv->ftype = 0; mrpriv->op = 0; 
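Review bot: The comment on the new `mrpriv->type = slapi_ch_strdup(type);` line in mr_private_new contradicts itself: it keeps "should be consistent for lifetime of usage" from the no-copy version and then says the string is copied because it can change. Something like `/* owned copy: the filter's type string can be normalized and freed in filter_normalize_ext */` states the actual contract. The member comment `/* orig type from filter */` in the struct hunk (@@ -59) should likewise say that `type` is now an owned copy released in mr_private_done.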
@@ -388,7 +388,7 @@ default_mr_filter_match(void *obj, Slapi_Entry *e, Slapi_Attr *attr) for (; (rc == -1) && (attr != NULL); slapi_entry_next_attr(e, attr, &attr)) { char* type = NULL; if (!slapi_attr_get_type (attr, &type) && type != NULL && - !slapi_attr_type_cmp (mrpriv->type, type, 2/*match subtypes*/)) { + !slapi_attr_type_cmp ((const char *)mrpriv->type, type, 2/*match subtypes*/)) { Slapi_Value **vals = attr_get_present_values(attr); #ifdef SUPPORT_MR_SUBSTRING_MATCHING if (mrpriv->ftype == LDAP_FILTER_SUBSTRINGS) { diff --git a/ldap/servers/slapd/search.c b/ldap/servers/slapd/search.c index 5beb8ce..df3f7ef 100644 --- a/ldap/servers/slapd/search.c +++ b/ldap/servers/slapd/search.c @@ -81,6 +81,7 @@ do_search( Slapi_PBlock *pb ) int rc = -1; int strict = 0; int minssf_exclude_rootdse = 0; + int filter_normalized = 0; LDAPDebug( LDAP_DEBUG_TRACE, "do_search\n", 0, 0, 0 ); @@ -386,6 +387,8 @@ do_search( Slapi_PBlock *pb ) slapi_pblock_set( pb, SLAPI_SEARCH_SCOPE, &scope ); slapi_pblock_set( pb, SLAPI_SEARCH_DEREF, &deref ); slapi_pblock_set( pb, SLAPI_SEARCH_FILTER, filter ); + slapi_pblock_set( pb, SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED, + &filter_normalized ); slapi_pblock_set( pb, SLAPI_SEARCH_STRFILTER, fstr ); slapi_pblock_set( pb, SLAPI_SEARCH_ATTRS, attrs ); slapi_pblock_set( pb, SLAPI_SEARCH_GERATTRS, gerattrs ); -- 1.7.4.4
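Review bot: The `(const char *)` cast added on `mrpriv->type` in default_mr_filter_match is unnecessary, because `char *` converts implicitly to `const char *`. Explicit casts of this kind can hide a later change of the member's type from the compiler, so the plain form `!slapi_attr_type_cmp (mrpriv->type, type, 2/*match subtypes*/)) {` is preferable. The enclosing loop continues past the end of the hunk.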
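Review bot: Nothing explains why do_search sets `SLAPI_PLUGIN_SYNTAX_FILTER_NORMALIZED` from a local that is always 0 in the visible lines (`filter_normalized` is declared in the @@ -81 hunk and never modified in either hunk). Presumably this resets the flag so the syntax plugins do not see a stale "already normalized" value for a freshly parsed filter. If that is the intent, a comment above the call should say so, e.g. `/* filter has not been normalized yet; make sure plugins do not see a stale flag */`. do_search extends outside both hunks, so any later assignment to the local is not visible here.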