From: Howard Chu <hyc@openldap.org>
Date: Thu, 20 Oct 2022 11:20:00 +0000 (+0100)
Subject: ITS#9935 slapd UTF8StringValidate: fix read past end of string
X-Git-Tag: OPENLDAP_REL_ENG_2_5_14~57
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=107fa930551856ce6467411cea0b6d64d92a4eed;p=thirdparty%2Fopenldap.git

ITS#9935 slapd UTF8StringValidate: fix read past end of string

Harmless, length check at end of routine would have returned an
error anyway.
---

diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c
index d753936d08..4564043826 100644
--- a/servers/slapd/schema_init.c
+++ b/servers/slapd/schema_init.c
@@ -1823,6 +1823,8 @@ UTF8StringValidate(
 	for( ; u < end; u += len ) {
 		/* get the length indicated by the first byte */
 		len = LDAP_UTF8_CHARLEN2( u, len );
+		if ( u + len > end )
+			return LDAP_INVALID_SYNTAX;
 
 		/* very basic checks */
 		switch( len ) {