From 1dbf0e9441def3d6dbc0fa8fba3c2e86fa50fa19 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Kuzn=C3=ADk?= Date: Fri, 29 Nov 2019 10:03:24 +0000 Subject: [PATCH] ITS#9124 Check we have data to process in Cancel Exop --- servers/slapd/cancel.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/servers/slapd/cancel.c b/servers/slapd/cancel.c index 9b6bc0072d..a990014052 100644 --- a/servers/slapd/cancel.c +++ b/servers/slapd/cancel.c @@ -34,7 +34,8 @@ int cancel_extop( Operation *op, SlapReply *rs ) Operation *o; int rc; int opid; - BerElement *ber; + BerElementBuffer berbuf; + BerElement *ber = (BerElement *)&berbuf; assert( ber_bvcmp( &slap_EXOP_CANCEL, &op->ore_reqoid ) == 0 ); @@ -43,12 +44,14 @@ int cancel_extop( Operation *op, SlapReply *rs ) return LDAP_PROTOCOL_ERROR; } - ber = ber_init( op->ore_reqdata ); - if ( ber == NULL ) { - rs->sr_text = "internal error"; - return LDAP_OTHER; + if ( op->ore_reqdata->bv_len == 0 ) { + rs->sr_text = "empty request data field"; + return LDAP_PROTOCOL_ERROR; } + /* ber_init2 uses reqdata directly, doesn't allocate new buffers */ + ber_init2( ber, op->ore_reqdata, 0 ); + if ( ber_scanf( ber, "{i}", &opid ) == LBER_ERROR ) { rs->sr_text = "message ID parse failed"; return LDAP_PROTOCOL_ERROR;