sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-11-12 04:23:49 +03:00
Code Activity

r7749: some bug fixes from testing with socket:testnonblock

Browse Source 
- fixed some infinite loops in asn1.c

- ensure asn1 callers know if an error is end of buffer or bad data

- handle npending 0 in ldap server
This commit is contained in:
Andrew Tridgell
2005-06-19 10:37:45 +00:00
committed by Gerald (Jerry) Carter
parent 345a71a08e
commit f22c3b84c8
4 changed files with 14 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
source/ldap_server/ldap_server.c
View File

@@ -254,10 +254,10 @@ static void ldapsrv_recv(struct stream_connection *c, uint16_t flags)
return; return;
} }
if (npending == 0) { if (npending == 0) {
ldapsrv_terminate_connection(conn, "EOF from client");
return; return;
} }
conn->partial.data = talloc_realloc_size(conn, conn->partial.data, conn->partial.data = talloc_realloc_size(conn, conn->partial.data,
conn->partial.length + npending); conn->partial.length + npending);
if (conn->partial.data == NULL) { if (conn->partial.data == NULL) {

2
source/lib/ldb/ldb_ildap/ldb_ildap.c
View File

@@ -124,6 +124,8 @@ static int ildb_search(struct ldb_module *module, const char *base,
if (ildb->rootDSE != NULL) { if (ildb->rootDSE != NULL) {
base = ldb_msg_find_string(ildb->rootDSE, base = ldb_msg_find_string(ildb->rootDSE,
"defaultNamingContext", ""); "defaultNamingContext", "");
} else {
base = "";
} }
} }

5
source/libcli/ldap/ldap.c
View File

@@ -501,7 +501,9 @@ static struct ldb_parse_tree *ldap_decode_filter_tree(TALLOC_CTX *mem_ctx,
ret->operation = LDB_OP_NOT; ret->operation = LDB_OP_NOT;
ret->u.not.child = ldap_decode_filter_tree(ret, data); ret->u.not.child = ldap_decode_filter_tree(ret, data);
if (ret->u.not.child == NULL) {
goto failed;
}
if (!asn1_end_tag(data)) { if (!asn1_end_tag(data)) {
goto failed; goto failed;
} }
@@ -595,7 +597,6 @@ static struct ldb_parse_tree *ldap_decode_filter_tree(TALLOC_CTX *mem_ctx,
failed: failed:
talloc_free(ret); talloc_free(ret);
DEBUG(0,("Failed to parse ASN.1 LDAP filter\n"));
return NULL; return NULL;
} }

12
source/libcli/util/asn1.c
View File

@@ -299,8 +299,12 @@ BOOL asn1_peek(struct asn1_data *data, void *p, int len)
if (len < 0 || data->ofs + len < data->ofs || data->ofs + len < len) if (len < 0 || data->ofs + len < data->ofs || data->ofs + len < len)
return False; return False;
if (data->ofs + len > data->length) if (data->ofs + len > data->length) {
/* we need to mark the buffer as consumed, so the caller knows
this was an out of data error, and not a decode error */
data->ofs = data->length;
return False; return False;
}
memcpy(p, data->data + data->ofs, len); memcpy(p, data->data + data->ofs, len);
return True; return True;
@@ -437,7 +441,7 @@ BOOL asn1_read_OID(struct asn1_data *data, const char **OID)
do { do {
asn1_read_uint8(data, &b); asn1_read_uint8(data, &b);
v = (v<<7) | (b&0x7f); v = (v<<7) | (b&0x7f);
} while (!data->has_error && b & 0x80); } while (!data->has_error && (b & 0x80));
tmp_oid = talloc_asprintf_append(tmp_oid, " %u", v); tmp_oid = talloc_asprintf_append(tmp_oid, " %u", v);
} }
@@ -540,7 +544,7 @@ BOOL asn1_read_implicit_Integer(struct asn1_data *data, int *i)
uint8_t b; uint8_t b;
*i = 0; *i = 0;
while (asn1_tag_remaining(data)>0) { while (!data->has_error && asn1_tag_remaining(data)>0) {
if (!asn1_read_uint8(data, &b)) return False; if (!asn1_read_uint8(data, &b)) return False;
*i = (*i << 8) + b; *i = (*i << 8) + b;
} }
@@ -564,7 +568,7 @@ BOOL asn1_read_enumerated(struct asn1_data *data, int *v)
*v = 0; *v = 0;
if (!asn1_start_tag(data, ASN1_ENUMERATED)) return False; if (!asn1_start_tag(data, ASN1_ENUMERATED)) return False;
while (asn1_tag_remaining(data)>0) { while (!data->has_error && asn1_tag_remaining(data)>0) {
uint8_t b; uint8_t b;
asn1_read_uint8(data, &b); asn1_read_uint8(data, &b);
*v = (*v << 8) + b; *v = (*v << 8) + b;