sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-24 02:04:21 +03:00
Code

s4-ldb: use safe length limited conversions for int64 and time

Browse Source
This commit is contained in:
Andrew Tridgell 2009-12-29 11:38:49 +11:00
parent 708ad42b0b
commit 53e86ac5b2
1 changed files with 48 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
source4/lib/ldb/common/attrib_handlers.c
View File

@ -100,6 +100,27 @@ int ldb_handler_fold(struct ldb_context *ldb, void *mem_ctx,
return 0;
}
/* length limited conversion of a ldb_val to a int32_t */
static int val_to_int64(const struct ldb_val *in, int64_t *v)
{
char *end;
char buf[64];
/* make sure we don't read past the end of the data */
if (in->length > sizeof(buf)-1) {
return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
}
strncpy(buf, (char *)in->data, in->length);
buf[in->length] = 0;
/* We've to use "strtoll" here to have the intended overflows.
* Otherwise we may get "LONG_MAX" and the conversion is wrong. */
*v = (int64_t) strtoll(buf, &end, 0);
if (*end != 0) {
return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
}
return LDB_SUCCESS;
}
/*
@ -109,14 +130,17 @@ int ldb_handler_fold(struct ldb_context *ldb, void *mem_ctx,
static int ldb_canonicalise_Integer(struct ldb_context *ldb, void *mem_ctx,
const struct ldb_val *in, struct ldb_val *out)
{
char *end;
long long i = strtoll((char *)in->data, &end, 0);
if (*end != 0) {
return -1;
int64_t i;
int ret;
ret = val_to_int64(in, &i);
if (ret != LDB_SUCCESS) {
return ret;
}
out->data = (uint8_t *)talloc_asprintf(mem_ctx, "%lld", i);
out->data = (uint8_t *) talloc_asprintf(mem_ctx, "%lld", (long long)i);
if (out->data == NULL) {
return -1;
ldb_oom(ldb);
return LDB_ERR_OPERATIONS_ERROR;
}
out->length = strlen((char *)out->data);
return 0;
@ -128,7 +152,11 @@ static int ldb_canonicalise_Integer(struct ldb_context *ldb, void *mem_ctx,
static int ldb_comparison_Integer(struct ldb_context *ldb, void *mem_ctx,
const struct ldb_val *v1, const struct ldb_val *v2)
{
return strtoll((char *)v1->data, NULL, 0) - strtoll((char *)v2->data, NULL, 0);
int64_t i1=0, i2=0;
val_to_int64(v1, &i1);
val_to_int64(v2, &i2);
if (i1 == i2) return 0;
return i1 > i2? 1 : -1;
}
/*
@ -338,10 +366,11 @@ static int ldb_comparison_dn(struct ldb_context *ldb, void *mem_ctx,
static int ldb_comparison_utctime(struct ldb_context *ldb, void *mem_ctx,
const struct ldb_val *v1, const struct ldb_val *v2)
{
time_t t1, t2;
t1 = ldb_string_to_time((char *)v1->data);
t2 = ldb_string_to_time((char *)v2->data);
return (int)t2 - (int)t1;
time_t t1=0, t2=0;
ldb_val_to_time(v1, &t1);
ldb_val_to_time(v2, &t2);
if (t1 == t2) return 0;
return t1 > t2? 1 : -1;
}
/*
@ -350,10 +379,16 @@ static int ldb_comparison_utctime(struct ldb_context *ldb, void *mem_ctx,
static int ldb_canonicalise_utctime(struct ldb_context *ldb, void *mem_ctx,
const struct ldb_val *in, struct ldb_val *out)
{
time_t t = ldb_string_to_time((char *)in->data);
time_t t;
int ret;
ret = ldb_val_to_time(in, &t);
if (ret != LDB_SUCCESS) {
return ret;
}
out->data = (uint8_t *)ldb_timestring(mem_ctx, t);
if (out->data == NULL) {
return -1;
ldb_oom(ldb);
return LDB_ERR_OPERATIONS_ERROR;
}
out->length = strlen((char *)out->data);
return 0;