mirror of
https://git.openldap.org/openldap/openldap.git
synced 2024-12-27 03:20:22 +08:00
ITS#9014 fix component match parsing errors
This commit is contained in:
parent
e394bcfa76
commit
6ae9bf167d
servers/slapd
@ -347,7 +347,7 @@ get_comp_filter( Operation* op, struct berval* bv,
|
||||
return rc;
|
||||
}
|
||||
rc = parse_comp_filter( op, &cav, filt, text );
|
||||
bv->bv_val = cav.cav_ptr;
|
||||
/* bv->bv_val = cav.cav_ptr; */
|
||||
|
||||
return rc;
|
||||
}
|
||||
@ -1067,7 +1067,7 @@ parse_comp_filter( Operation* op, ComponentAssertionValue* cav,
|
||||
*/
|
||||
|
||||
ber_tag_t tag;
|
||||
int err;
|
||||
int err = LDAP_SUCCESS;
|
||||
ComponentFilter f;
|
||||
/* TAG : item, and, or, not in RFC 4515 */
|
||||
tag = strip_cav_tag( cav );
|
||||
@ -1077,10 +1077,11 @@ parse_comp_filter( Operation* op, ComponentAssertionValue* cav,
|
||||
return LDAP_PROTOCOL_ERROR;
|
||||
}
|
||||
|
||||
if ( tag != LDAP_COMP_FILTER_NOT )
|
||||
strip_cav_str( cav, "{");
|
||||
|
||||
err = LDAP_SUCCESS;
|
||||
if ( tag != LDAP_COMP_FILTER_NOT ) {
|
||||
err = strip_cav_str( cav, "{");
|
||||
if ( err )
|
||||
goto invalid;
|
||||
}
|
||||
|
||||
f.cf_next = NULL;
|
||||
f.cf_choice = tag;
|
||||
@ -1154,13 +1155,14 @@ parse_comp_filter( Operation* op, ComponentAssertionValue* cav,
|
||||
break;
|
||||
}
|
||||
|
||||
invalid:
|
||||
if ( err != LDAP_SUCCESS && err != SLAPD_DISCONNECT ) {
|
||||
*text = "Component Filter Syntax Error";
|
||||
return err;
|
||||
}
|
||||
|
||||
if ( tag != LDAP_COMP_FILTER_NOT )
|
||||
strip_cav_str( cav, "}");
|
||||
err = strip_cav_str( cav, "}");
|
||||
|
||||
if ( err == LDAP_SUCCESS ) {
|
||||
if ( op ) {
|
||||
|
@ -327,6 +327,9 @@ certificateValidate( Syntax *syntax, struct berval *in )
|
||||
ber_len_t len;
|
||||
ber_int_t version = SLAP_X509_V1;
|
||||
|
||||
if ( BER_BVISNULL( in ) || BER_BVISEMPTY( in ))
|
||||
return LDAP_INVALID_SYNTAX;
|
||||
|
||||
ber_init2( ber, in, LBER_USE_DER );
|
||||
tag = ber_skip_tag( ber, &len ); /* Signed wrapper */
|
||||
if ( tag != LBER_SEQUENCE ) return LDAP_INVALID_SYNTAX;
|
||||
|
Loading…
Reference in New Issue
Block a user