From f77635066bc1bb3aaa10b9cdd14fd52bf50b67da Mon Sep 17 00:00:00 2001
From: Pierangelo Masarati <ando@openldap.org>
Date: Thu, 13 Sep 2007 22:43:05 +0000
Subject: [PATCH] fix sets memory handling (ITS#4873); add /- operator
(ITS#4860)
---
CHANGES | 2 +
servers/slapd/sets.c | 343 ++++++++++++++++++++++++++++++++++++-------
2 files changed, 294 insertions(+), 51 deletions(-)
diff --git a/CHANGES b/CHANGES
index 3dcc4a4f5f..6dbd333871 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,7 @@
OpenLDAP 2.4 Change Log
OpenLDAP 2.4.6 Engineering
+ Fixed slapd ACL sets memory handling (ITS#4873)
+ Added slapd ACL sets DN ancestors operator (ITS#4860)
Fixed slapd-ldap SASL idassert w/o autchId
Fixed slapo-rwm modlist handling (ITS#5124)
diff --git a/servers/slapd/sets.c b/servers/slapd/sets.c
index 22ec84f055..3393e83bf3 100644
--- a/servers/slapd/sets.c
+++ b/servers/slapd/sets.c
@@ -24,20 +24,22 @@
static BerVarray set_chase( SLAP_SET_GATHER gatherer,
SetCookie *cookie, BerVarray set, AttributeDescription *desc, int closure );
+/* Count the array members */
static long
slap_set_size( BerVarray set )
{
- long i;
+ long i = 0;
- i = 0;
if ( set != NULL ) {
while ( !BER_BVISNULL( &set[ i ] ) ) {
i++;
}
}
+
return i;
}
+/* Return 0 if there is at least one array member, non-zero otherwise */
static int
slap_set_isempty( BerVarray set )
{
@@ -52,6 +54,14 @@ slap_set_isempty( BerVarray set )
return 1;
}
+/* Dispose of the contents of the array and the array itself according
+ * to the flags value. If SLAP_SET_REFVAL, don't dispose of values;
+ * if SLAP_SET_REFARR, don't dispose of the array itself. In case of
+ * binary operators, there are LEFT flags and RIGHT flags, referring to
+ * the first and the second operator arguments, respectively. In this
+ * case, flags must be transformed using macros SLAP_SET_LREF2REF() and
+ * SLAP_SET_RREF2REF() before calling this function.
+ */
static void
slap_set_dispose( SetCookie *cp, BerVarray set, unsigned flags )
{
@@ -65,6 +75,10 @@ slap_set_dispose( SetCookie *cp, BerVarray set, unsigned flags )
}
}
+/* Duplicate a set. If SLAP_SET_REFARR, is not set, the original array
+ * with the original values is returned, otherwise the array is duplicated;
+ * if SLAP_SET_REFVAL is set, also the values are duplicated.
+ */
static BerVarray
set_dup( SetCookie *cp, BerVarray set, unsigned flags )
{
@@ -103,6 +117,19 @@ set_dup( SetCookie *cp, BerVarray set, unsigned flags )
return newset;
}
+/* Join two sets according to operator op and flags op_flags.
+ * op can be:
+ * '|' (or): the union between the two sets is returned,
+ * eliminating diplicates
+ * '&' (and): the intersection between the two sets
+ * is returned
+ * '+' (add): the inner product of the two sets is returned,
+ * namely a set containing the concatenation of
+ * all combinations of the two sets members,
+ * except for duplicates.
+ * The two sets are disposed of according to the flags as described
+ * for slap_set_dispose().
+ */
BerVarray
slap_set_join(
SetCookie *cp,
@@ -111,19 +138,19 @@ slap_set_join(
BerVarray rset )
{
BerVarray set;
- long i, j, last;
+ long i, j, last, rlast;
unsigned op = ( op_flags & SLAP_SET_OPMASK );
set = NULL;
switch ( op ) {
case '|': /* union */
- if ( lset == NULL || BER_BVISNULL( lset ) ) {
+ if ( lset == NULL || BER_BVISNULL( &lset[ 0 ] ) ) {
if ( rset == NULL ) {
if ( lset == NULL ) {
set = cp->set_op->o_tmpcalloc( 1,
sizeof( struct berval ),
cp->set_op->o_tmpmemctx );
- BER_BVZERO( set );
+ BER_BVZERO( &set[ 0 ] );
return set;
}
return set_dup( cp, lset, SLAP_SET_LREF2REF( op_flags ) );
@@ -131,12 +158,14 @@ slap_set_join(
slap_set_dispose( cp, lset, SLAP_SET_LREF2REF( op_flags ) );
return set_dup( cp, rset, SLAP_SET_RREF2REF( op_flags ) );
}
- if ( rset == NULL || BER_BVISNULL( rset ) ) {
+ if ( rset == NULL || BER_BVISNULL( &rset[ 0 ] ) ) {
slap_set_dispose( cp, rset, SLAP_SET_RREF2REF( op_flags ) );
return set_dup( cp, lset, SLAP_SET_LREF2REF( op_flags ) );
}
- i = slap_set_size( lset ) + slap_set_size( rset ) + 1;
+ /* worst scenario: no duplicates */
+ rlast = slap_set_size( rset );
+ i = slap_set_size( lset ) + rlast + 1;
set = cp->set_op->o_tmpcalloc( i, sizeof( struct berval ), cp->set_op->o_tmpmemctx );
if ( set != NULL ) {
/* set_chase() depends on this routine to
@@ -153,6 +182,9 @@ slap_set_join(
}
}
+ /* pointers to values have been used in set - don't free twice */
+ op_flags |= SLAP_SET_LREFVAL;
+
last = i;
for ( i = 0; !BER_BVISNULL( &rset[ i ] ); i++ ) {
@@ -163,11 +195,12 @@ slap_set_join(
{
if ( !( op_flags & SLAP_SET_RREFVAL ) ) {
cp->set_op->o_tmpfree( rset[ i ].bv_val, cp->set_op->o_tmpmemctx );
- BER_BVZERO( &rset[ i ] );
+ rset[ i ] = rset[ --rlast ];
+ BER_BVZERO( &rset[ rlast ] );
}
exists = 1;
- break;
- }
+ break;
+ }
}
if ( !exists ) {
@@ -180,37 +213,58 @@ slap_set_join(
last++;
}
}
+
+ /* pointers to values have been used in set - don't free twice */
+ op_flags |= SLAP_SET_RREFVAL;
+
BER_BVZERO( &set[ last ] );
}
break;
case '&': /* intersection */
- if ( lset == NULL || BER_BVISNULL( lset )
- || rset == NULL || BER_BVISNULL( rset ) )
+ if ( lset == NULL || BER_BVISNULL( &lset[ 0 ] )
+ || rset == NULL || BER_BVISNULL( &rset[ 0 ] ) )
{
set = cp->set_op->o_tmpcalloc( 1, sizeof( struct berval ),
cp->set_op->o_tmpmemctx );
- BER_BVZERO( set );
+ BER_BVZERO( &set[ 0 ] );
+ break;
} else {
- set = set_dup( cp, lset, SLAP_SET_LREF2REF( op_flags ) );
+ long llen, rlen;
+ BerVarray sset;
+
+ llen = slap_set_size( lset );
+ rlen = slap_set_size( rset );
+
+ /* dup the shortest */
+ if ( llen < rlen ) {
+ set = set_dup( cp, lset, SLAP_SET_LREF2REF( op_flags ) );
+ lset = NULL;
+ sset = rset;
+
+ } else {
+ set = set_dup( cp, rset, SLAP_SET_RREF2REF( op_flags ) );
+ rset = NULL;
+ sset = lset;
+ }
+
if ( set == NULL ) {
break;
}
- lset = NULL;
- last = slap_set_size( set ) - 1;
+
+ last = slap_set_size( set );
for ( i = 0; !BER_BVISNULL( &set[ i ] ); i++ ) {
- for ( j = 0; !BER_BVISNULL( &rset[ j ] ); j++ ) {
- if ( bvmatch( &set[ i ], &rset[ j ] ) ) {
+ for ( j = 0; !BER_BVISNULL( &sset[ j ] ); j++ ) {
+ if ( bvmatch( &set[ i ], &sset[ j ] ) ) {
break;
}
}
- if ( BER_BVISNULL( &rset[ j ] ) ) {
+ if ( BER_BVISNULL( &sset[ j ] ) ) {
cp->set_op->o_tmpfree( set[ i ].bv_val, cp->set_op->o_tmpmemctx );
- set[ i ] = set[ last ];
+ set[ i ] = set[ --last ];
BER_BVZERO( &set[ last ] );
- last--;
i--;
}
}
@@ -221,6 +275,27 @@ slap_set_join(
i = slap_set_size( rset );
j = slap_set_size( lset );
+ /* handle empty set cases */
+ if ( i == 0 ) {
+ if ( j == 0 ) {
+ set = cp->set_op->o_tmpcalloc( i * j + 1, sizeof( struct berval ),
+ cp->set_op->o_tmpmemctx );
+ if ( set == NULL ) {
+ break;
+ }
+ BER_BVZERO( &set[ 0 ] );
+ break;
+
+ } else {
+ set = set_dup( cp, lset, SLAP_SET_LREF2REF( op_flags ) );
+ break;
+ }
+
+ } else if ( j == 0 ) {
+ set = set_dup( cp, rset, SLAP_SET_RREF2REF( op_flags ) );
+ break;
+ }
+
set = cp->set_op->o_tmpcalloc( i * j + 1, sizeof( struct berval ),
cp->set_op->o_tmpmemctx );
if ( set == NULL ) {
@@ -232,17 +307,36 @@ slap_set_join(
struct berval bv;
long k;
- bv.bv_len = lset[ i ].bv_len + rset[ j ].bv_len;
- bv.bv_val = cp->set_op->o_tmpalloc( bv.bv_len + 1,
- cp->set_op->o_tmpmemctx );
- if ( bv.bv_val == NULL ) {
- slap_set_dispose( cp, set, 0 );
- set = NULL;
- goto done;
+ /* don't concatenate with the empty string */
+ if ( BER_BVISEMPTY( &lset[ i ] ) ) {
+ ber_dupbv_x( &bv, &rset[ j ], cp->set_op->o_tmpmemctx );
+ if ( bv.bv_val == NULL ) {
+ ber_bvarray_free_x( set, cp->set_op->o_tmpmemctx );
+ set = NULL;
+ goto done;
+ }
+
+ } else if ( BER_BVISEMPTY( &rset[ j ] ) ) {
+ ber_dupbv_x( &bv, &lset[ i ], cp->set_op->o_tmpmemctx );
+ if ( bv.bv_val == NULL ) {
+ ber_bvarray_free_x( set, cp->set_op->o_tmpmemctx );
+ set = NULL;
+ goto done;
+ }
+
+ } else {
+ bv.bv_len = lset[ i ].bv_len + rset[ j ].bv_len;
+ bv.bv_val = cp->set_op->o_tmpalloc( bv.bv_len + 1,
+ cp->set_op->o_tmpmemctx );
+ if ( bv.bv_val == NULL ) {
+ ber_bvarray_free_x( set, cp->set_op->o_tmpmemctx );
+ set = NULL;
+ goto done;
+ }
+ AC_MEMCPY( bv.bv_val, lset[ i ].bv_val, lset[ i ].bv_len );
+ AC_MEMCPY( &bv.bv_val[ lset[ i ].bv_len ], rset[ j ].bv_val, rset[ j ].bv_len );
+ bv.bv_val[ bv.bv_len ] = '\0';
}
- AC_MEMCPY( bv.bv_val, lset[ i ].bv_val, lset[ i ].bv_len );
- AC_MEMCPY( &bv.bv_val[ lset[ i ].bv_len ], rset[ j ].bv_val, rset[ j ].bv_len );
- bv.bv_val[ bv.bv_len ] = '\0';
for ( k = 0; k < last; k++ ) {
if ( bvmatch( &set[ k ], &bv ) ) {
@@ -264,17 +358,8 @@ slap_set_join(
}
done:;
- if ( !( op_flags & SLAP_SET_LREFARR ) && lset != NULL ) {
- if ( !( op_flags & SLAP_SET_LREFVAL ))
- cp->set_op->o_tmpfree( lset->bv_val, cp->set_op->o_tmpmemctx );
- cp->set_op->o_tmpfree( lset, cp->set_op->o_tmpmemctx );
- }
-
- if ( !( op_flags & SLAP_SET_RREFARR ) && rset != NULL ) {
- if ( !( op_flags & SLAP_SET_RREFVAL ))
- cp->set_op->o_tmpfree( rset->bv_val, cp->set_op->o_tmpmemctx );
- cp->set_op->o_tmpfree( rset, cp->set_op->o_tmpmemctx );
- }
+ if ( lset ) slap_set_dispose( cp, lset, SLAP_SET_LREF2REF( op_flags ) );
+ if ( rset ) slap_set_dispose( cp, rset, SLAP_SET_RREF2REF( op_flags ) );
return set;
}
@@ -289,7 +374,9 @@ set_chase( SLAP_SET_GATHER gatherer,
if ( set == NULL ) {
set = cp->set_op->o_tmpcalloc( 1, sizeof( struct berval ),
cp->set_op->o_tmpmemctx );
- BER_BVZERO( set );
+ if ( set != NULL ) {
+ BER_BVZERO( &set[ 0 ] );
+ }
return set;
}
@@ -299,7 +386,7 @@ set_chase( SLAP_SET_GATHER gatherer,
nset = cp->set_op->o_tmpcalloc( 1, sizeof( struct berval ), cp->set_op->o_tmpmemctx );
if ( nset == NULL ) {
- slap_set_dispose( cp, set, 0 );
+ ber_bvarray_free_x( set, cp->set_op->o_tmpmemctx );
return NULL;
}
for ( i = 0; !BER_BVISNULL( &set[ i ] ); i++ ) {
@@ -308,7 +395,7 @@ set_chase( SLAP_SET_GATHER gatherer,
nset = slap_set_join( cp, nset, '|', vals );
}
}
- slap_set_dispose( cp, set, 0 );
+ ber_bvarray_free_x( set, cp->set_op->o_tmpmemctx );
if ( closure ) {
for ( i = 0; !BER_BVISNULL( &nset[ i ] ); i++ ) {
@@ -325,6 +412,127 @@ set_chase( SLAP_SET_GATHER gatherer,
return nset;
}
+
+static BerVarray
+set_parents( SetCookie *cp, BerVarray set )
+{
+ int i, j, last;
+ struct berval bv, pbv;
+ BerVarray nset, vals;
+
+ if ( set == NULL ) {
+ set = cp->set_op->o_tmpcalloc( 1, sizeof( struct berval ),
+ cp->set_op->o_tmpmemctx );
+ if ( set != NULL ) {
+ BER_BVZERO( &set[ 0 ] );
+ }
+ return set;
+ }
+
+ if ( BER_BVISNULL( &set[ 0 ] ) ) {
+ return set;
+ }
+
+ nset = cp->set_op->o_tmpcalloc( 1, sizeof( struct berval ), cp->set_op->o_tmpmemctx );
+ if ( nset == NULL ) {
+ ber_bvarray_free_x( set, cp->set_op->o_tmpmemctx );
+ return NULL;
+ }
+
+ BER_BVZERO( &nset[ 0 ] );
+
+ for ( i = 0; !BER_BVISNULL( &set[ i ] ); i++ ) {
+ int level = 1;
+
+ pbv = bv = set[ i ];
+ for ( ; !BER_BVISEMPTY( &pbv ); dnParent( &bv, &pbv ) ) {
+ level++;
+ bv = pbv;
+ }
+
+ vals = cp->set_op->o_tmpcalloc( level + 1, sizeof( struct berval ), cp->set_op->o_tmpmemctx );
+ if ( vals == NULL ) {
+ ber_bvarray_free_x( set, cp->set_op->o_tmpmemctx );
+ ber_bvarray_free_x( nset, cp->set_op->o_tmpmemctx );
+ return NULL;
+ }
+ BER_BVZERO( &vals[ 0 ] );
+ last = 0;
+
+ bv = set[ i ];
+ for ( j = 0 ; j < level ; j++ ) {
+ ber_dupbv_x( &vals[ last ], &bv, cp->set_op->o_tmpmemctx );
+ last++;
+ dnParent( &bv, &bv );
+ }
+ BER_BVZERO( &vals[ last ] );
+
+ nset = slap_set_join( cp, nset, '|', vals );
+ }
+
+ ber_bvarray_free_x( set, cp->set_op->o_tmpmemctx );
+
+ return nset;
+}
+
+
+
+static BerVarray
+set_parent( SetCookie *cp, BerVarray set, int level )
+{
+ int i, j, last;
+ struct berval bv;
+ BerVarray nset;
+
+ if ( set == NULL ) {
+ set = cp->set_op->o_tmpcalloc( 1, sizeof( struct berval ),
+ cp->set_op->o_tmpmemctx );
+ if ( set != NULL ) {
+ BER_BVZERO( &set[ 0 ] );
+ }
+ return set;
+ }
+
+ if ( BER_BVISNULL( &set[ 0 ] ) ) {
+ return set;
+ }
+
+ nset = cp->set_op->o_tmpcalloc( slap_set_size( set ) + 1, sizeof( struct berval ), cp->set_op->o_tmpmemctx );
+ if ( nset == NULL ) {
+ ber_bvarray_free_x( set, cp->set_op->o_tmpmemctx );
+ return NULL;
+ }
+
+ BER_BVZERO( &nset[ 0 ] );
+ last = 0;
+
+ for ( i = 0; !BER_BVISNULL( &set[ i ] ); i++ ) {
+ bv = set[ i ];
+
+ for ( j = 0 ; j < level ; j++ ) {
+ dnParent( &bv, &bv );
+ }
+
+ for ( j = 0; !BER_BVISNULL( &nset[ j ] ); j++ ) {
+ if ( bvmatch( &bv, &nset[ j ] ) )
+ {
+ break;
+ }
+ }
+
+ if ( BER_BVISNULL( &nset[ j ] ) ) {
+ ber_dupbv_x( &nset[ last ], &bv, cp->set_op->o_tmpmemctx );
+ last++;
+ }
+ }
+
+ BER_BVZERO( &nset[ last ] );
+
+ ber_bvarray_free_x( set, cp->set_op->o_tmpmemctx );
+
+ return nset;
+}
+
int
slap_set_filter( SLAP_SET_GATHER gatherer,
SetCookie *cp, struct berval *fbv,
@@ -448,11 +656,44 @@ slap_set_filter( SLAP_SET_GATHER gatherer,
break;
case '-':
- c = *filter++;
- if ( c != '>' ) {
- SF_ERROR( syntax );
+ if ( ( SF_TOP() == (void *)'/' )
+ && ( *filter == '*' || ASCII_DIGIT( *filter ) ) )
+ {
+ SF_POP();
+
+ if ( *filter == '*' ) {
+ set = set_parents( cp, SF_POP() );
+ filter++;
+
+ } else {
+ char *next = NULL;
+ long parent = strtol( filter, &next, 10 );
+
+ if ( next == filter ) {
+ SF_ERROR( syntax );
+ }
+
+ set = SF_POP();
+ if ( parent != 0 ) {
+ set = set_parent( cp, set, parent );
+ }
+ filter = next;
+ }
+
+ if ( set == NULL ) {
+ SF_ERROR( memory );
+ }
+
+ SF_PUSH( set );
+ set = NULL;
+ break;
+ } else {
+ c = *filter++;
+ if ( c != '>' ) {
+ SF_ERROR( syntax );
+ }
+ /* fall through to next case */
}
- /* fall through to next case */
case '/':
if ( IS_OP( SF_TOP() ) ) {
@@ -573,11 +814,11 @@ slap_set_filter( SLAP_SET_GATHER gatherer,
_error:
if ( IS_SET( set ) ) {
- slap_set_dispose( cp, set, 0 );
+ ber_bvarray_free_x( set, cp->set_op->o_tmpmemctx );
}
while ( ( set = SF_POP() ) ) {
if ( IS_SET( set ) ) {
- slap_set_dispose( cp, set, 0 );
+ ber_bvarray_free_x( set, cp->set_op->o_tmpmemctx );
}
}
return rc;
--
GitLab