From: Howard Chu Date: Tue, 26 Mar 2019 11:17:30 +0000 (+0000) Subject: ITS#8999 fix telephoneNumberNormalize, cert DN validation X-Git-Tag: OPENLDAP_REL_ENG_2_4_48~73 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1d23a7a72920b4abb1b58342c3af52e3eaf1b0b4;p=thirdparty%2Fopenldap.git ITS#8999 fix telephoneNumberNormalize, cert DN validation --- diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c index 643cecde21..edd38a6911 100644 --- a/servers/slapd/schema_init.c +++ b/servers/slapd/schema_init.c @@ -2235,7 +2235,7 @@ telephoneNumberNormalize( struct berval *normalized, void *ctx ) { - char *p, *q; + char *p, *q, *end; assert( SLAP_MR_IS_VALUE_OF_SYNTAX( usage ) != 0 ); @@ -2247,7 +2247,8 @@ telephoneNumberNormalize( q = normalized->bv_val = slap_sl_malloc( val->bv_len + 1, ctx ); - for( p = val->bv_val; *p; p++ ) { + end = val->bv_val + val->bv_len; + for( p = val->bv_val; *p && p < end; p++ ) { if ( ! ( ASCII_SPACE( *p ) || *p == '-' )) { *q++ = *p; } @@ -3680,7 +3681,10 @@ certificateExactNormalize( bvdn.bv_len = val->bv_len - len; rc = dnX509normalize( &bvdn, &issuer_dn ); - if ( rc != LDAP_SUCCESS ) goto done; + if ( rc != LDAP_SUCCESS ) { + rc = LDAP_INVALID_SYNTAX; + goto done; + } } normalized->bv_len = STRLENOF( "{ serialNumber , issuer rdnSequence:\"\" }" ) @@ -4168,7 +4172,10 @@ certificateListExactNormalize( bvtu.bv_len = len; rc = dnX509normalize( &bvdn, &issuer_dn ); - if ( rc != LDAP_SUCCESS ) goto done; + if ( rc != LDAP_SUCCESS ) { + rc = LDAP_INVALID_SYNTAX; + goto done; + } thisUpdate.bv_val = tubuf; thisUpdate.bv_len = sizeof(tubuf); @@ -4820,7 +4827,10 @@ attributeCertificateExactNormalize( bvdn.bv_val = val->bv_val + len; bvdn.bv_len = val->bv_len - len; rc = dnX509normalize( &bvdn, &issuer_dn ); - if ( rc != LDAP_SUCCESS ) goto done; + if ( rc != LDAP_SUCCESS ) { + rc = LDAP_INVALID_SYNTAX; + goto done; + } tag = ber_skip_tag( ber, &len ); /* sequence of RDN */ ber_skip_data( ber, len );