Author: nhosoi
Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/syntaxes
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14369/ldap/servers/plugins/syntaxes
Modified Files:
value.c
Log Message:
Resolves: #339791
Summary: rhds71sp1 rhel3u6 - ns-slapd process dies with segmentation fault
Description: ldap_utf8prev, LDAP_UTF8PREV, and LDAP_UTF8DEC were sometimes
used without checking the returned pointer going back beyond the beginning
of the string.
Index: value.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/syntaxes/value.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- value.c 2 Oct 2007 18:39:50 -0000 1.8
+++ value.c 24 Oct 2007 18:41:15 -0000 1.9
@@ -88,13 +88,14 @@
*/
void
value_normalize(
- char *s,
- int syntax,
+ char *s,
+ int syntax,
int trim_spaces
)
{
- char *d;
- int prevspace, curspace;
+ char *head = s;
+ char *d;
+ int prevspace, curspace;
if ( ! (syntax & SYNTAX_CIS) && ! (syntax & SYNTAX_CES) ) {
return;
@@ -107,10 +108,10 @@
d = s;
if (trim_spaces) {
- /* strip leading blanks */
- while (utf8isspace_fast(s)) {
- LDAP_UTF8INC(s);
- }
+ /* strip leading blanks */
+ while (utf8isspace_fast(s)) {
+ LDAP_UTF8INC(s);
+ }
}
/* for int syntax, look for leading sign, then trim 0s */
@@ -167,8 +168,8 @@
/* compress multiple blanks */
if ( prevspace && curspace ) {
- LDAP_UTF8INC(s);
- continue;
+ LDAP_UTF8INC(s);
+ continue;
}
prevspace = curspace;
if ( syntax & SYNTAX_CIS ) {
@@ -177,28 +178,28 @@
s += ssz;
d += dsz;
} else {
- char *np;
- int sz;
+ char *np;
+ int sz;
- np = ldap_utf8next(s);
- if (np == NULL || np == s) break;
- sz = np - s;
- memmove(d,s,sz);
- d += sz;
- s += sz;
+ np = ldap_utf8next(s);
+ if (np == NULL || np == s) break;
+ sz = np - s;
+ memmove(d,s,sz);
+ d += sz;
+ s += sz;
}
}
*d = '\0';
/* strip trailing blanks */
if (prevspace && trim_spaces) {
- char *nd;
+ char *nd;
- nd = ldap_utf8prev(d);
- while (nd && utf8isspace_fast(nd)) {
- d = nd;
- nd = ldap_utf8prev(d);
- *d = '\0';
- }
+ nd = ldap_utf8prev(d);
+ while (nd && nd >= head && utf8isspace_fast(nd)) {
+ d = nd;
+ nd = ldap_utf8prev(d);
+ *d = '\0';
+ }
}
}
Show replies by date