Commit 0f64b72a authored by Pierangelo Masarati's avatar Pierangelo Masarati
Browse files

paranoid check for escaped dn separators when naively checking for rdn boundary

parent bdb3edef
......@@ -352,7 +352,7 @@ acl_get(
if ( dnlen <= patlen )
continue;
if ( e->e_ndn[dnlen - patlen - 1] != ',' )
if ( !DN_SEPARATOR( e->e_ndn[dnlen - patlen - 1] ) || DN_ESCAPE( e->e_ndn[dnlen - patlen - 2] ) )
continue;
rdn = dn_rdn( NULL, e->e_ndn );
......@@ -364,13 +364,13 @@ acl_get(
continue;
} else if ( a->acl_dn_style == ACL_STYLE_SUBTREE ) {
if ( dnlen > patlen && e->e_ndn[dnlen - patlen - 1] != ',' )
if ( dnlen > patlen && ( !DN_SEPARATOR( e->e_ndn[dnlen - patlen - 1] ) || DN_ESCAPE( e->e_ndn[dnlen - patlen - 2] ) ) )
continue;
} else if ( a->acl_dn_style == ACL_STYLE_CHILDREN ) {
if ( dnlen <= patlen )
continue;
if ( e->e_ndn[dnlen - patlen - 1] != ',' )
if ( !DN_SEPARATOR( e->e_ndn[dnlen - patlen - 1] ) || DN_ESCAPE( e->e_ndn[dnlen - patlen - 2] ) )
continue;
}
......@@ -559,7 +559,7 @@ acl_mask(
if ( odnlen <= patlen )
continue;
if ( op->o_ndn[odnlen - patlen - 1] != ',' )
if ( !DN_SEPARATOR( op->o_ndn[odnlen - patlen - 1] ) || DN_ESCAPE( op->o_ndn[odnlen - patlen - 2] ) )
continue;
rdn = dn_rdn( NULL, op->o_ndn );
......@@ -571,13 +571,13 @@ acl_mask(
continue;
} else if ( b->a_dn_style == ACL_STYLE_SUBTREE ) {
if ( odnlen > patlen && op->o_ndn[odnlen - patlen - 1] != ',' )
if ( odnlen > patlen && ( !DN_SEPARATOR( op->o_ndn[odnlen - patlen - 1] ) || DN_ESCAPE( op->o_ndn[odnlen - patlen - 2] ) ) )
continue;
} else if ( b->a_dn_style == ACL_STYLE_CHILDREN ) {
if ( odnlen <= patlen )
continue;
if ( op->o_ndn[odnlen - patlen - 1] != ',' )
if ( !DN_SEPARATOR( op->o_ndn[odnlen - patlen - 1] ) || DN_ESCAPE( op->o_ndn[odnlen - patlen - 2] ) )
continue;
}
......
......@@ -525,7 +525,7 @@ select_backend(
}
if ( len && len < dnlen && !DN_SEPARATOR( dn[(dnlen-len)-1] ) ) {
if ( len && len < dnlen && ( !DN_SEPARATOR( dn[(dnlen-len)-1] ) || DN_ESCAPE( dn[(dnlen-len)-2] ) ) ) {
/* make sure we have a separator */
continue;
}
......
......@@ -68,7 +68,7 @@ get_limits(
}
} else {
/* check for unescaped rdn separator */
if ( !DN_SEPARATOR( ndn[d-1] ) || SLAP_ESCAPE_CHAR == ndn[d-2] ) {
if ( !DN_SEPARATOR( ndn[d-1] ) || DN_ESCAPE( ndn[d-2] ) ) {
break;
}
}
......
......@@ -85,6 +85,7 @@ LDAP_BEGIN_DECL
#define FILTER_ESCAPE(c) ( (c) == '*' || (c) == '\\' \
|| (c) == '(' || (c) == ')' || !ASCII_PRINTABLE(c) )
#define DN_ESCAPE(c) ((c) == SLAP_ESCAPE_CHAR)
#define DN_SEPARATOR(c) ((c) == ',' || (c) == ';')
#define RDN_ATTRTYPEANDVALUE_SEPARATOR(c) ((c) == '+') /* RFC 2253 */
#define RDN_SEPARATOR(c) (DN_SEPARATOR(c) || RDN_ATTRTYPEANDVALUE_SEPARATOR(c))
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment