Commit 0146b084 authored by Pierangelo Masarati's avatar Pierangelo Masarati
Browse files

import fix to slapd invalid cookie in pagedResults control (ITS#3089)

parent 81e0f286
...@@ -3,6 +3,7 @@ OpenLDAP 2.1 Change Log ...@@ -3,6 +3,7 @@ OpenLDAP 2.1 Change Log
OpenLDAP 2.1.31 Engineering OpenLDAP 2.1.31 Engineering
Fixed slapd extended match memory leak (ITS#3146) Fixed slapd extended match memory leak (ITS#3146)
Fixed slapd abandon/cancel pending bug (ITS#3160) Fixed slapd abandon/cancel pending bug (ITS#3160)
Fixed slapd invalid cookie in pagedResults control (ITS#3089)
Fixed libldap matchedValues parsing bug (ITS#3216) Fixed libldap matchedValues parsing bug (ITS#3216)
OpenLDAP 2.1.30 Release OpenLDAP 2.1.30 Release
......
...@@ -644,10 +644,12 @@ static int parsePagedResults ( ...@@ -644,10 +644,12 @@ static int parsePagedResults (
LDAPControl *ctrl, LDAPControl *ctrl,
const char **text ) const char **text )
{ {
ber_tag_t tag;
ber_int_t size; int rc = LDAP_SUCCESS;
BerElement *ber; ber_tag_t tag;
struct berval cookie = { 0, NULL }; ber_int_t size;
BerElement *ber;
struct berval cookie = { 0, NULL };
if ( op->o_pagedresults != SLAP_NO_CONTROL ) { if ( op->o_pagedresults != SLAP_NO_CONTROL ) {
*text = "paged results control specified multiple times"; *text = "paged results control specified multiple times";
...@@ -674,16 +676,17 @@ static int parsePagedResults ( ...@@ -674,16 +676,17 @@ static int parsePagedResults (
} }
tag = ber_scanf( ber, "{im}", &size, &cookie ); tag = ber_scanf( ber, "{im}", &size, &cookie );
(void) ber_free( ber, 1 );
if( tag == LBER_ERROR ) { if( tag == LBER_ERROR ) {
*text = "paged results control could not be decoded"; *text = "paged results control could not be decoded";
return LDAP_PROTOCOL_ERROR; rc = LDAP_PROTOCOL_ERROR;
goto done;
} }
if( size < 0 ) { if( size < 0 ) {
*text = "paged results control size invalid"; *text = "paged results control size invalid";
return LDAP_PROTOCOL_ERROR; rc = LDAP_PROTOCOL_ERROR;
goto done;
} }
if( cookie.bv_len ) { if( cookie.bv_len ) {
...@@ -691,7 +694,8 @@ static int parsePagedResults ( ...@@ -691,7 +694,8 @@ static int parsePagedResults (
if( cookie.bv_len != sizeof( reqcookie ) ) { if( cookie.bv_len != sizeof( reqcookie ) ) {
/* bad cookie */ /* bad cookie */
*text = "paged results cookie is invalid"; *text = "paged results cookie is invalid";
return LDAP_PROTOCOL_ERROR; rc = LDAP_PROTOCOL_ERROR;
goto done;
} }
AC_MEMCPY( &reqcookie, cookie.bv_val, sizeof( reqcookie )); AC_MEMCPY( &reqcookie, cookie.bv_val, sizeof( reqcookie ));
...@@ -699,11 +703,13 @@ static int parsePagedResults ( ...@@ -699,11 +703,13 @@ static int parsePagedResults (
if( reqcookie > op->o_pagedresults_state.ps_cookie ) { if( reqcookie > op->o_pagedresults_state.ps_cookie ) {
/* bad cookie */ /* bad cookie */
*text = "paged results cookie is invalid"; *text = "paged results cookie is invalid";
return LDAP_PROTOCOL_ERROR; rc = LDAP_PROTOCOL_ERROR;
goto done;
} else if( reqcookie < op->o_pagedresults_state.ps_cookie ) { } else if( reqcookie < op->o_pagedresults_state.ps_cookie ) {
*text = "paged results cookie is invalid or old"; *text = "paged results cookie is invalid or old";
return LDAP_UNWILLING_TO_PERFORM; rc = LDAP_UNWILLING_TO_PERFORM;
goto done;
} }
} else { } else {
/* Initial request. Initialize state. */ /* Initial request. Initialize state. */
...@@ -717,7 +723,9 @@ static int parsePagedResults ( ...@@ -717,7 +723,9 @@ static int parsePagedResults (
? SLAP_CRITICAL_CONTROL ? SLAP_CRITICAL_CONTROL
: SLAP_NONCRITICAL_CONTROL; : SLAP_NONCRITICAL_CONTROL;
return LDAP_SUCCESS; done:;
(void)ber_free( ber, 1 );
return rc;
} }
#endif #endif
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment