Please review (take 2): [Bug 199923] subtree search fails to find items under a db containing special characters
by Noriko Hosoi
Subject: subtree search fails to find items under a db containing
special characters
https://bugzilla.redhat.com/show_bug.cgi?id=199923
Files:
ldap/servers/plugins/syntaxes/validate.c
ldap/servers/slapd/back-ldbm/ldbm_add.c
ldap/servers/slapd/dn.c
Fix Description:
dn.c: Based upon RFC 4514, the following characters in the RDN
values need to be escaped:
'+', ';', '<','>', and '=' for the intermediate characters
'+', ';', '<','>', '=', '#' and ' ' for leading characters
'+', ';', '<','>', '=', and ' ' for trailing characters
validate.c: If an escaped character followed by another escaped
character, e.g., \#\<, the pointer was moved twice skipping '\'
before '<' and it makes the validation fail.
ldbm_add.c: a local variable addr was not initialized.
Thanks to Nathan for his review. I revised dn.c based upon
his review comments.
Proposed Fix:
https://bugzilla.redhat.com/attachment.cgi?id=399189&action=diff
https://bugzilla.redhat.com/attachment.cgi?id=399189&action=edit
14 years
Please review: [Bug 199923] subtree search fails to find items under a db containing special characters
by Noriko Hosoi
Subject: subtree search fails to find items under a db containing
special characters
https://bugzilla.redhat.com/show_bug.cgi?id=199923
This bug had been reopened due to the regression.
[Proposed Fix]
https://bugzilla.redhat.com/attachment.cgi?id=398612&action=diff
https://bugzilla.redhat.com/attachment.cgi?id=398612&action=edit
Files:
ldap/servers/plugins/syntaxes/validate.c
ldap/servers/slapd/dn.c
Problem Description:
A simple failed case observed before applying the patch:
$ /usr/lib64/mozldap/ldapmodify -p 10389 -D 'cn=directory manager' -w pw<< EOF
dn: ou=\#\<,dc=example,dc=com
objectClass: organizationalUnit
objectClass: top
ou: \#\<
EOF
ldap_add: Invalid DN syntax
ldap_add: additional info: DN value invalid per syntax
Fix Description:
dn.c: Based upon RFC 4514, '#', '+', ';', '<','>', and '=' need to be escaped
in addition to '\\' and '"' if it appears in the DN string.
validate.c: Using the above example, if an escaped character (\<) followed by
an escaped character (\#), the pointer was moved twice skipping '\' before '<'
and it makes the validation fail.
======================================================
Breakpoint 2, rdn_validate (
begin=0x7fd090001ed0 "ou=\\#\\<,dc=example,dc=com",
end=0x7fd090001ee8 "m", last=0x7fd0a9bedac0)
at ldap/servers/plugins/syntaxes/validate.c:430
430 int rc = 0; /* Assume RDN is valid */
(gdb) p p
$35 = 0x7fd090001ed3 "\\#\\<,dc=example,dc=com"
(gdb) p end
$36 = 0x7fd090001ee8 "m"
(gdb) p *p
$37 = 92 '\\'
(gdb) n
472 if (numericform) {
(gdb) n
498 if (IS_UTF1(*p)&& !IS_ESC(*p)&& !IS_LUTF1(*p)) {
(gdb) n
507 if (numericform) {
(gdb) n
517 if (IS_UTF1(*p)) {
(gdb) n
520 if ((p == end)&& !IS_TUTF1(*p)) {
(gdb) n
524 } else if (IS_ESC(*p)) {
(gdb) n
528 p++;<== *p is '#'
(gdb) n
529 if (!IS_ESC(*p)&& !IS_SPECIAL(*p)) {
(gdb) n
538 p++;<== move the pointer to the next char '\\'
(gdb) p *p
$40 = 92 '\\'
(gdb) n
545 p++;<== another move to '<', which needs to be escaped
(gdb) n
517 if (IS_UTF1(*p)) {
(gdb) n
520 if ((p == end)&& !IS_TUTF1(*p)) {
(gdb) n
524 } else if (IS_ESC(*p)) {
(gdb) n
540 } else if (!IS_SUTF1(*p)) {
(gdb) n
541 rc = 1;<== failed.
14 years