From fbf78f7345b77932dbee86c68ffbe4a13ffc6c8f Mon Sep 17 00:00:00 2001 From: Mark Reynolds Date: Tue, 15 Jul 2014 14:07:56 -0400 Subject: [PATCH] Ticket 47790 - Integer config attributes accept invalid values at server startup Bug Description: Manually editing the dse.ldif allows invalid values to be set for some configuration attributes Fix Description: Check integer config values to make sure they are numbers. https://fedorahosted.org/389/ticket/47790 Jenkins: passed Reviewed by: ? --- ldap/schema/01core389.ldif | 2 +- ldap/servers/slapd/libglobs.c | 103 ++++++++++++++++++++++++++++++++---------- 2 files changed, 81 insertions(+), 24 deletions(-) diff --git a/ldap/schema/01core389.ldif b/ldap/schema/01core389.ldif index 0e0e75f..1b8a70b 100644 --- a/ldap/schema/01core389.ldif +++ b/ldap/schema/01core389.ldif @@ -285,7 +285,7 @@ attributeTypes: ( 2.16.840.1.113730.3.1.2290 NAME 'nsslapd-disk-monitoring-thres attributeTypes: ( 2.16.840.1.113730.3.1.2291 NAME 'nsslapd-disk-monitoring-grace-period' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' ) attributeTypes: ( 2.16.840.1.113730.3.1.2292 NAME 'nsslapd-disk-monitoring-logging-critical' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' ) attributeTypes: ( 2.16.840.1.113730.3.1.2293 NAME 'nsslapd-ndn-cache-enabled' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' ) -attributeTypes: ( 2.16.840.1.113730.3.1.2294 NAME 'nsslapd-ndn-cache-max-size' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' ) +attributeTypes: ( 2.16.840.1.113730.3.1.2294 NAME 'nsslapd-ndn-cache-max-size' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' ) attributeTypes: ( 2.16.840.1.113730.3.1.2295 NAME 'nsslapd-allowed-sasl-mechanisms' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' ) attributeTypes: ( 2.16.840.1.113730.3.1.2296 NAME 'nsslapd-ignore-virtual-attrs' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' ) attributeTypes: ( 2.16.840.1.113730.3.1.2297 NAME 'nsslapd-search-return-original-type-switch' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' ) diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c index e890aed..b437112 100644 --- a/ldap/servers/slapd/libglobs.c +++ b/ldap/servers/slapd/libglobs.c @@ -1746,7 +1746,6 @@ config_set_disk_threshold( const char *attrname, char *value, char *errorbuf, in errno = 0; threshold = strtoll(value, &endp, 10); - if ( *endp != '\0' || threshold <= 4096 || errno == ERANGE ) { PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "%s: \"%s\" is invalid, threshold must be greater than 4096 and less then %lld", @@ -1788,8 +1787,7 @@ config_set_disk_grace_period( const char *attrname, char *value, char *errorbuf, } period = strtol(value, &endp, 10); - - if ( *endp != '\0' || period < 1 ) { + if ( *endp != '\0' || period < 1 || errno == ERANGE ) { PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "%s: \"%s\" is invalid, grace period must be at least 1 minute", attrname, value); retVal = LDAP_OPERATIONS_ERROR; @@ -1821,9 +1819,17 @@ config_set_ndn_cache_max_size(const char *attrname, char *value, char *errorbuf, { slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); int retVal = LDAP_SUCCESS; + char *endp; long size; - size = atol(value); + size = strtol(value, &endp, 10); + if ( *endp != '\0' || errno == ERANGE){ + retVal = LDAP_OPERATIONS_ERROR; + PR_snprintf(errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "(%s) value (%s) " + "is invalid\n",attrname, value); + return retVal; + } + if(size < 0){ size = 0; /* same as -1 */ } @@ -1846,13 +1852,21 @@ config_set_sasl_maxbufsize(const char *attrname, char *value, char *errorbuf, in { slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); int retVal = LDAP_SUCCESS; - int default_size = atoi(DEFAULT_SASL_MAXBUFSIZE); - int size; + long default_size = atol(DEFAULT_SASL_MAXBUFSIZE); + long size; + char *endp; + + size = strtol(value, &endp, 10); + if ( *endp != '\0' || errno == ERANGE){ + retVal = LDAP_OPERATIONS_ERROR; + PR_snprintf(errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "(%s) value (%s) " + "is invalid\n",attrname, value); + return retVal; + } - size = atoi(value); if(size < default_size){ - PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "nsslapd-sasl-max-buffer-size is too low (%d), " - "setting to default value (%d).\n",size, default_size); + PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "nsslapd-sasl-max-buffer-size is too low (%ld), " + "setting to default value (%ld).\n",size, default_size); size = default_size; } if(apply){ @@ -1888,7 +1902,6 @@ config_set_port( const char *attrname, char *port, char *errorbuf, int apply ) { errno = 0; nPort = strtol(port, &endp, 10); - if ( *endp != '\0' || errno == ERANGE || nPort > LDAP_PORT_MAX || nPort < 0 ) { retVal = LDAP_OPERATIONS_ERROR; PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, @@ -1898,8 +1911,7 @@ config_set_port( const char *attrname, char *port, char *errorbuf, int apply ) { } if ( nPort == 0 ) { - LDAPDebug( LDAP_DEBUG_ANY, - "Information: Non-Secure Port Disabled\n", 0, 0, 0 ); + LDAPDebug( LDAP_DEBUG_ANY, "Information: Non-Secure Port Disabled\n", 0, 0, 0 ); } if ( apply ) { @@ -1926,7 +1938,6 @@ config_set_secureport( const char *attrname, char *port, char *errorbuf, int app errno = 0; nPort = strtol(port, &endp, 10); - if (*endp != '\0' || errno == ERANGE || nPort > LDAP_PORT_MAX || nPort <= 0 ) { retVal = LDAP_OPERATIONS_ERROR; PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, @@ -2573,7 +2584,7 @@ config_set_pw_minlength( const char *attrname, char *value, char *errorbuf, int if ( config_value_is_null( attrname, value, errorbuf, 0 )) { return LDAP_OPERATIONS_ERROR; } - + errno = 0; minLength = strtol(value, &endp, 10); @@ -2960,7 +2971,7 @@ config_set_pw_inhistory( const char *attrname, char *value, char *errorbuf, int if ( config_value_is_null( attrname, value, errorbuf, 0 )) { return LDAP_OPERATIONS_ERROR; } - + errno = 0; history = strtol(value, &endp, 10); @@ -3157,6 +3168,7 @@ config_set_pw_gracelimit( const char *attrname, char *value, char *errorbuf, int if ( config_value_is_null( attrname, value, errorbuf, 0 )) { return LDAP_OPERATIONS_ERROR; } + errno = 0; gracelimit = strtol(value, &endp, 10); @@ -4107,7 +4119,7 @@ config_set_timelimit( const char *attrname, char *value, char *errorbuf, int app if ( config_value_is_null( attrname, value, errorbuf, 1 )) { return LDAP_OPERATIONS_ERROR; } - + errno = 0; nVal = strtol(value, &endp, 10); @@ -5747,18 +5759,29 @@ config_set_maxbersize( const char *attrname, char *value, char *errorbuf, int ap { int retVal = LDAP_SUCCESS; slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + long size; + char *endp; if ( config_value_is_null( attrname, value, errorbuf, 0 )) { return LDAP_OPERATIONS_ERROR; } + errno = 0; + size = strtol(value, &endp, 10); + if ( *endp != '\0' || errno == ERANGE){ + retVal = LDAP_OPERATIONS_ERROR; + PR_snprintf(errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "(%s) value (%s) " + "is invalid\n",attrname, value); + return retVal; + } + if ( !apply ) { return retVal; } CFG_LOCK_WRITE(slapdFrontendConfig); - slapdFrontendConfig->maxbersize = atoi(value); + slapdFrontendConfig->maxbersize = size; CFG_UNLOCK_WRITE(slapdFrontendConfig); return retVal; @@ -5789,6 +5812,7 @@ config_set_maxsasliosize( const char *attrname, char *value, char *errorbuf, int return LDAP_OPERATIONS_ERROR; } + errno = 0; maxsasliosize = strtol(value, &endptr, 10); /* Check for non-numeric garbage in the value */ @@ -5842,6 +5866,7 @@ config_set_localssf( const char *attrname, char *value, char *errorbuf, int appl return LDAP_OPERATIONS_ERROR; } + errno = 0; localssf = (int) strtol(value, &endptr, 10); /* Check for non-numeric garbage in the value */ @@ -5884,6 +5909,7 @@ config_set_minssf( const char *attrname, char *value, char *errorbuf, int apply return LDAP_OPERATIONS_ERROR; } + errno = 0; minssf = (int) strtol(value, &endptr, 10); /* Check for non-numeric garbage in the value */ @@ -5970,20 +5996,31 @@ config_set_max_filter_nest_level( const char *attrname, char *value, { int retVal = LDAP_SUCCESS; slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + char *endp; + long level; if ( config_value_is_null( attrname, value, errorbuf, 0 )) { return LDAP_OPERATIONS_ERROR; } + errno = 0; + level = strtol(value, &endp, 10); + if ( *endp != '\0' || errno == ERANGE){ + retVal = LDAP_OPERATIONS_ERROR; + PR_snprintf(errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "(%s) value (%s) " + "is invalid\n",attrname, value); + return retVal; + } + if ( !apply ) { return retVal; } #ifdef ATOMIC_GETSET_FILTER_NEST_LEVEL - PR_AtomicSet(&slapdFrontendConfig->max_filter_nest_level, atoi(value)); + PR_AtomicSet(&slapdFrontendConfig->max_filter_nest_level, level); #else CFG_LOCK_WRITE(slapdFrontendConfig); - slapdFrontendConfig->max_filter_nest_level = atoi(value); + slapdFrontendConfig->max_filter_nest_level = level; CFG_UNLOCK_WRITE(slapdFrontendConfig); #endif return retVal; @@ -6677,14 +6714,24 @@ config_set_outbound_ldap_io_timeout( const char *attrname, char *value, char *errorbuf, int apply ) { slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + long timeout; + char *endp; if ( config_value_is_null( attrname, value, errorbuf, 0 )) { return LDAP_OPERATIONS_ERROR; } + errno = 0; + timeout = strtol(value, &endp, 10); + if ( *endp != '\0' || errno == ERANGE){ + PR_snprintf(errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "(%s) value (%s) " + "is invalid\n",attrname, value); + return LDAP_OPERATIONS_ERROR; + } + if ( apply ) { CFG_LOCK_WRITE(slapdFrontendConfig); - slapdFrontendConfig->outbound_ldap_io_timeout = atoi( value ); + slapdFrontendConfig->outbound_ldap_io_timeout = timeout; CFG_UNLOCK_WRITE(slapdFrontendConfig); } return LDAP_SUCCESS; @@ -7253,7 +7300,7 @@ config_set_connection_buffer( const char *attrname, char *value, slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); if ( config_value_is_null( attrname, value, errorbuf, 0 )) { - return LDAP_OPERATIONS_ERROR; + return LDAP_OPERATIONS_ERROR; } if ((strcasecmp(value, "0") != 0) && (strcasecmp(value, "1") != 0) && @@ -7265,7 +7312,7 @@ config_set_connection_buffer( const char *attrname, char *value, } if ( !apply ) { - return retVal; + return retVal; } PR_AtomicSet(&slapdFrontendConfig->connection_buffer, atoi(value)); @@ -7277,13 +7324,23 @@ config_set_listen_backlog_size( const char *attrname, char *value, char *errorbuf, int apply ) { slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + long size; + char *endp; if ( config_value_is_null( attrname, value, errorbuf, 0 )) { return LDAP_OPERATIONS_ERROR; } + errno = 0; + size = strtol(value, &endp, 10); + if ( *endp != '\0' || errno == ERANGE){ + PR_snprintf(errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "(%s) value (%s) " + "is invalid\n",attrname, value); + return LDAP_OPERATIONS_ERROR; + } + if ( apply ) { - PR_AtomicSet(&slapdFrontendConfig->listen_backlog_size, atoi(value)); + PR_AtomicSet(&slapdFrontendConfig->listen_backlog_size, size); } return LDAP_SUCCESS; } -- 1.9.3