import fix to slapd invalid cookie in pagedResults control (ITS#3089)

diff --git a/CHANGES b/CHANGES
index 90462ef6617e4290557cadfc547de7d69128df61..b7dabae9bcb31cfe9c9da8155d2445f6e17a2b2b 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,7 @@ OpenLDAP 2.1 Change Log
 OpenLDAP 2.1.31 Engineering
        Fixed slapd extended match memory leak (ITS#3146)
        Fixed slapd abandon/cancel pending bug (ITS#3160)
+       Fixed slapd invalid cookie in pagedResults control (ITS#3089)
        Fixed libldap matchedValues parsing bug (ITS#3216)
 
 OpenLDAP 2.1.30 Release

diff --git a/servers/slapd/controls.c b/servers/slapd/controls.c
index c4b726d79b62da009749adae3cd40267125cc3b1..93934666ed4b58704bd382d281664df374ad6b06 100644 (file)
--- a/servers/slapd/controls.c
+++ b/servers/slapd/controls.c
@@ -644,10 +644,12 @@ static int parsePagedResults (
        LDAPControl *ctrl,
        const char **text )
 {
-       ber_tag_t tag;
-       ber_int_t size;
-       BerElement *ber;
-       struct berval cookie = { 0, NULL };
+
+       int             rc = LDAP_SUCCESS;
+       ber_tag_t       tag;
+       ber_int_t       size;
+       BerElement      *ber;
+       struct berval   cookie = { 0, NULL };
 
        if ( op->o_pagedresults != SLAP_NO_CONTROL ) {
                *text = "paged results control specified multiple times";
@@ -674,16 +676,17 @@ static int parsePagedResults (
        }
 
        tag = ber_scanf( ber, "{im}", &size, &cookie );
-       (void) ber_free( ber, 1 );
 
        if( tag == LBER_ERROR ) {
                *text = "paged results control could not be decoded";
-               return LDAP_PROTOCOL_ERROR;
+               rc = LDAP_PROTOCOL_ERROR;
+               goto done;
        }
 
        if( size < 0 ) {
                *text = "paged results control size invalid";
-               return LDAP_PROTOCOL_ERROR;
+               rc = LDAP_PROTOCOL_ERROR;
+               goto done;
        }
 
        if( cookie.bv_len ) {
@@ -691,7 +694,8 @@ static int parsePagedResults (
                if( cookie.bv_len != sizeof( reqcookie ) ) {
                        /* bad cookie */
                        *text = "paged results cookie is invalid";
-                       return LDAP_PROTOCOL_ERROR;
+                       rc = LDAP_PROTOCOL_ERROR;
+                       goto done;
                }
 
                AC_MEMCPY( &reqcookie, cookie.bv_val, sizeof( reqcookie ));
@@ -699,11 +703,13 @@ static int parsePagedResults (
                if( reqcookie > op->o_pagedresults_state.ps_cookie ) {
                        /* bad cookie */
                        *text = "paged results cookie is invalid";
-                       return LDAP_PROTOCOL_ERROR;
+                       rc = LDAP_PROTOCOL_ERROR;
+                       goto done;
 
                } else if( reqcookie < op->o_pagedresults_state.ps_cookie ) {
                        *text = "paged results cookie is invalid or old";
-                       return LDAP_UNWILLING_TO_PERFORM;
+                       rc = LDAP_UNWILLING_TO_PERFORM;
+                       goto done;
                }
        } else {
                /* Initial request.  Initialize state. */
@@ -717,7 +723,9 @@ static int parsePagedResults (
                ? SLAP_CRITICAL_CONTROL
                : SLAP_NONCRITICAL_CONTROL;
 
-       return LDAP_SUCCESS;
+done:;
+       (void)ber_free( ber, 1 );
+       return rc;
 }
 #endif