Plug memory leak with dn.regex. Force error for "dn.=pattern".

More ITS#5734: Handle empty o_req_ndn. flags=>flags&LDAP_LIMITS_MASK in a test.

Plug memory leak with dn.regex. Force error for "dn.=pattern".
423096b6 · Quanah Gibson-Mount · d83863a0 · 423096b6
Commit 423096b6 authored 16 years ago by Quanah Gibson-Mount
--- a/servers/slapd/limits.c
+++ b/servers/slapd/limits.c
@@ -18,6 +18,7 @@

 #include <stdio.h>

+#include <ac/ctype.h>
 #include <ac/regex.h>
 #include <ac/string.h>

@@ -67,6 +68,7 @@ limits_get(
 	struct slap_limits_set 	**limit
 )
 {
+	static struct berval empty_dn = BER_BVC( "" );
 	struct slap_limits **lm;
 	struct berval		*ndns[2];

@@ -95,12 +97,19 @@ limits_get(
 		unsigned	isthis = type == SLAP_LIMITS_TYPE_THIS;
 		struct berval *ndn = ndns[isthis];

+		if ( style == SLAP_LIMITS_ANY )
+			goto found_any;
+
+		if ( BER_BVISEMPTY( ndn ) ) {
+			if ( style == SLAP_LIMITS_ANONYMOUS )
+				goto found_nodn;
+			if ( !isthis )
+				continue;
+			ndn = &empty_dn;
+		}
+
 		switch ( style ) {
 		case SLAP_LIMITS_EXACT:
-			if ( BER_BVISEMPTY( ndn ) ) {
-				break;
-			}
-
 			if ( type == SLAP_LIMITS_TYPE_GROUP ) {
 				int	rc = backend_group( op, NULL,
 						&lm[0]->lm_pat, ndn,
@@ -121,10 +130,6 @@ limits_get(
 		case SLAP_LIMITS_CHILDREN: {
 			ber_len_t d;
 			
-			if ( BER_BVISEMPTY( ndn ) ) {
-				break;
-			}
-
 			/* ndn shorter than lm_pat */
 			if ( ndn->bv_len < lm[0]->lm_pat.bv_len ) {
 				break;
@@ -159,33 +164,19 @@ limits_get(
 		}

 		case SLAP_LIMITS_REGEX:
-			if ( BER_BVISEMPTY( ndn ) ) {
-				break;
-			}
 			if ( regexec( &lm[0]->lm_regex, ndn->bv_val, 0, NULL, 0 ) == 0 ) {
 				goto found_dn;
 			}
 			break;

 		case SLAP_LIMITS_ANONYMOUS:
-			if ( BER_BVISEMPTY( ndn ) ) {
-				goto found;
-			}
 			break;

 		case SLAP_LIMITS_USERS:
-			if ( !BER_BVISEMPTY( ndn ) ) {
-				goto found;
-			}
-			break;
-
-		case SLAP_LIMITS_ANY:
-			*limit = &lm[0]->lm_limits;
-			return( 0 );
-
-		found:
+		found_nodn:
 			Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=%s match=%s\n",
 				dn_source[isthis], limits2str( style ), 0 );
+		found_any:
 			*limit = &lm[0]->lm_limits;
 			return( 0 );

@@ -258,7 +249,6 @@ limits_add(
 	case SLAP_LIMITS_ONE:
 	case SLAP_LIMITS_SUBTREE:
 	case SLAP_LIMITS_CHILDREN:
-		lm->lm_flags = style | type;
 		{
 			int rc;
 			struct berval bv;
@@ -274,7 +264,6 @@ limits_add(
 		break;
 		
 	case SLAP_LIMITS_REGEX:
-		lm->lm_flags = style | type;
 		ber_str2bv( pattern, 0, 1, &lm->lm_pat );
 		if ( regcomp( &lm->lm_regex, lm->lm_pat.bv_val, 
 					REG_EXTENDED | REG_ICASE ) ) {
@@ -287,7 +276,6 @@ limits_add(
 	case SLAP_LIMITS_ANONYMOUS:
 	case SLAP_LIMITS_USERS:
 	case SLAP_LIMITS_ANY:
-		lm->lm_flags = style | type;
 		BER_BVZERO( &lm->lm_pat );
 		break;
 	}
@@ -301,6 +289,7 @@ limits_add(
 		break;
 	}

+	lm->lm_flags = style | type;
 	lm->lm_limits = *limit;

 	i = 0;
@@ -457,28 +446,26 @@ limits_parse(
 			{
 				flags = SLAP_LIMITS_ANONYMOUS;
 				pattern = NULL;
+
+			} else {
+				/* force error below */
+				if ( *pattern == '=' )
+					--pattern;
 			}
 		}

 		/* pre-check the data */
-		switch ( flags ) {
-		case SLAP_LIMITS_ANONYMOUS:
-		case SLAP_LIMITS_USERS:
-
-			/* no need for pattern */
-			pattern = NULL;
-			break;
-
-		default:
+		if ( pattern != NULL ) {
 			if ( pattern[0] != '=' ) {
 				Debug( LDAP_DEBUG_ANY,
-					"%s : line %d: missing '=' in "
+					"%s : line %d: %s in "
 					"\"dn[.{this|self}][.{exact|base"
-					"|onelevel|subtree|children|regex}]"
-					"=<pattern>\" in "
-					"\"limits <pattern> <limits>\" "
-					"line.\n%s",
-					fname, lineno, "" );
+					"|onelevel|subtree|children|regex"
+					"|anonymous}]=<pattern>\" in "
+					"\"limits <pattern> <limits>\" line.\n",
+					fname, lineno,
+					isalnum( (unsigned char)pattern[0] )
+					? "unknown DN modifier" : "missing '='" );
 				return( -1 );
 			}

@@ -490,7 +477,7 @@ limits_parse(
 				flags = SLAP_LIMITS_ANY;
 				pattern = NULL;

-			} else if ( flags == SLAP_LIMITS_REGEX
+			} else if ( (flags & SLAP_LIMITS_MASK) == SLAP_LIMITS_REGEX
 					&& strcmp( pattern, ".*" ) == 0 ) {
 				flags = SLAP_LIMITS_ANY;
 				pattern = NULL;
@@ -1348,23 +1335,11 @@ limits_destroy(
 	}

 	for ( i = 0; lm[ i ]; i++ ) {
-		switch ( lm[ i ]->lm_flags & SLAP_LIMITS_MASK ) {
-		case SLAP_LIMITS_REGEX:
+		if ( (lm[ i ]->lm_flags & SLAP_LIMITS_MASK) == SLAP_LIMITS_REGEX )
 			regfree( &lm[ i ]->lm_regex );
-			break;

-		case SLAP_LIMITS_EXACT:
-		case SLAP_LIMITS_ONE:
-		case SLAP_LIMITS_SUBTREE:
-		case SLAP_LIMITS_CHILDREN:
-			if ( !BER_BVISNULL( &lm[ i ]->lm_pat ) ) {
-				ch_free( lm[ i ]->lm_pat.bv_val );
-			}
-			break;
-
-		default:
-			break;
-		}
+		if ( !BER_BVISNULL( &lm[ i ]->lm_pat ) )
+			ch_free( lm[ i ]->lm_pat.bv_val );

 		ch_free( lm[ i ] );
 	}