From 1d23a7a72920b4abb1b58342c3af52e3eaf1b0b4 Mon Sep 17 00:00:00 2001 From: Howard Chu Date: Tue, 26 Mar 2019 11:17:30 +0000 Subject: [PATCH] ITS#8999 fix telephoneNumberNormalize, cert DN validation --- servers/slapd/schema_init.c | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c index 643cecde21..edd38a6911 100644 --- a/servers/slapd/schema_init.c +++ b/servers/slapd/schema_init.c @@ -2235,7 +2235,7 @@ telephoneNumberNormalize( struct berval *normalized, void *ctx ) { - char *p, *q; + char *p, *q, *end; assert( SLAP_MR_IS_VALUE_OF_SYNTAX( usage ) != 0 ); @@ -2247,7 +2247,8 @@ telephoneNumberNormalize( q = normalized->bv_val = slap_sl_malloc( val->bv_len + 1, ctx ); - for( p = val->bv_val; *p; p++ ) { + end = val->bv_val + val->bv_len; + for( p = val->bv_val; *p && p < end; p++ ) { if ( ! ( ASCII_SPACE( *p ) || *p == '-' )) { *q++ = *p; } @@ -3680,7 +3681,10 @@ certificateExactNormalize( bvdn.bv_len = val->bv_len - len; rc = dnX509normalize( &bvdn, &issuer_dn ); - if ( rc != LDAP_SUCCESS ) goto done; + if ( rc != LDAP_SUCCESS ) { + rc = LDAP_INVALID_SYNTAX; + goto done; + } } normalized->bv_len = STRLENOF( "{ serialNumber , issuer rdnSequence:\"\" }" ) @@ -4168,7 +4172,10 @@ certificateListExactNormalize( bvtu.bv_len = len; rc = dnX509normalize( &bvdn, &issuer_dn ); - if ( rc != LDAP_SUCCESS ) goto done; + if ( rc != LDAP_SUCCESS ) { + rc = LDAP_INVALID_SYNTAX; + goto done; + } thisUpdate.bv_val = tubuf; thisUpdate.bv_len = sizeof(tubuf); @@ -4820,7 +4827,10 @@ attributeCertificateExactNormalize( bvdn.bv_val = val->bv_val + len; bvdn.bv_len = val->bv_len - len; rc = dnX509normalize( &bvdn, &issuer_dn ); - if ( rc != LDAP_SUCCESS ) goto done; + if ( rc != LDAP_SUCCESS ) { + rc = LDAP_INVALID_SYNTAX; + goto done; + } tag = ber_skip_tag( ber, &len ); /* sequence of RDN */ ber_skip_data( ber, len ); -- 2.47.2