From 8e3adc2428cb4b46cbbf67c8448287b9a8c0724a Mon Sep 17 00:00:00 2001 From: Pierangelo Masarati Date: Fri, 26 Aug 2005 16:52:51 +0000 Subject: [PATCH] fix uninitialized, signedness and other issues (ITS#3854) --- servers/slapd/acl.c | 60 ++++++++++++++++++---------------- servers/slapd/sets.c | 76 ++++++++++++++++++++++---------------------- servers/slapd/sets.h | 2 +- 3 files changed, 72 insertions(+), 66 deletions(-) diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c index e89f1406b6..91c33e9c23 100644 --- a/servers/slapd/acl.c +++ b/servers/slapd/acl.c @@ -103,8 +103,9 @@ static int regex_matches( int nmatch, regmatch_t *matches); typedef struct AclSetCookie { - Operation *op; - Entry *e; + SetCookie asc_cookie; +#define asc_op asc_cookie.set_op + Entry *asc_e; } AclSetCookie; SLAP_SET_GATHER acl_set_gather; @@ -142,7 +143,8 @@ slap_access_always_allowed( { assert( maskp != NULL ); - ACL_PRIV_SET( *maskp, ACL_ACCESS2PRIV( access ) ); + /* assign all */ + ACL_LVL_ASSIGN_MANAGE( *maskp ); return 1; } @@ -181,6 +183,8 @@ slap_access_allowed( assert( attr != NULL ); + ACL_INIT( mask ); + /* grant database root access */ if ( be_isroot( op ) ) { Debug( LDAP_DEBUG_ACL, "<= root access granted\n", 0, 0, 0 ); @@ -197,7 +201,8 @@ slap_access_allowed( * if we get here it means a non-root user is trying to * manage data, so we need to check its privileges. */ - if ( access_level == ACL_WRITE && is_at_no_user_mod( desc->ad_type ) + if ( access_level == ACL_WRITE + && is_at_no_user_mod( desc->ad_type ) && desc != slap_schema.si_ad_entry && desc != slap_schema.si_ad_children ) { @@ -1192,7 +1197,7 @@ acl_mask_dn( } rdnlen = dn_rdnlen( NULL, opndn ); - if ( rdnlen != odnlen - patlen - 1 ) { + if ( rdnlen - ( odnlen - patlen - 1 ) != 0 ) { goto dn_match_cleanup; } @@ -1211,8 +1216,8 @@ acl_mask_dn( } } else if ( b->a_style == ACL_STYLE_LEVEL ) { - int level; - struct berval ndn; + int level = b->a_level; + struct berval ndn; if ( odnlen <= patlen ) { goto dn_match_cleanup; @@ -1223,7 +1228,6 @@ acl_mask_dn( goto dn_match_cleanup; } - level = b->a_level; ndn = *opndn; for ( ; level > 0; level-- ) { if ( BER_BVISEMPTY( &ndn ) ) { @@ -2535,7 +2539,7 @@ acl_set_gather( SetCookie *cookie, struct berval *name, AttributeDescription *de /* Grab the searchbase and see if an appropriate database can be found */ ber_str2bv( ludp->lud_dn, 0, 0, &op2.o_req_dn ); rc = dnNormalize( 0, NULL, NULL, &op2.o_req_dn, - &op2.o_req_ndn, cp->op->o_tmpmemctx ); + &op2.o_req_ndn, cp->asc_op->o_tmpmemctx ); BER_BVZERO( &op2.o_req_dn ); if ( rc != LDAP_SUCCESS ) { goto url_done; @@ -2550,13 +2554,13 @@ acl_set_gather( SetCookie *cookie, struct berval *name, AttributeDescription *de /* Grab the filter */ if ( ludp->lud_filter ) { ber_str2bv_x( ludp->lud_filter, 0, 0, &op2.ors_filterstr, - cp->op->o_tmpmemctx ); + cp->asc_op->o_tmpmemctx ); } else { op2.ors_filterstr = defaultFilter_bv; } - op2.ors_filter = str2filter_x( cp->op, op2.ors_filterstr.bv_val ); + op2.ors_filter = str2filter_x( cp->asc_op, op2.ors_filterstr.bv_val ); if ( op2.ors_filter == NULL ) { rc = LDAP_PROTOCOL_ERROR; goto url_done; @@ -2571,7 +2575,7 @@ acl_set_gather( SetCookie *cookie, struct berval *name, AttributeDescription *de ; anlistp = slap_sl_malloc( sizeof( AttributeName ) * ( nattrs + 2 ), - cp->op->o_tmpmemctx ); + cp->asc_op->o_tmpmemctx ); for ( ; ludp->lud_attrs[ nattrs ]; nattrs++ ) { ber_str2bv( ludp->lud_attrs[ nattrs ], 0, 0, &anlistp[ nattrs ].an_name ); @@ -2594,19 +2598,19 @@ acl_set_gather( SetCookie *cookie, struct berval *name, AttributeDescription *de p.cookie = cookie; - op2.o_hdr = cp->op->o_hdr; + op2.o_hdr = cp->asc_op->o_hdr; op2.o_tag = LDAP_REQ_SEARCH; op2.o_ndn = op2.o_bd->be_rootndn; op2.o_callback = &cb; op2.o_time = slap_get_time(); op2.o_do_not_cache = 1; op2.o_is_auth_check = 0; - ber_dupbv_x( &op2.o_req_dn, &op2.o_req_ndn, cp->op->o_tmpmemctx ); + ber_dupbv_x( &op2.o_req_dn, &op2.o_req_ndn, cp->asc_op->o_tmpmemctx ); op2.ors_slimit = SLAP_NO_LIMIT; op2.ors_tlimit = SLAP_NO_LIMIT; op2.ors_attrs = anlistp; op2.ors_attrsonly = 0; - op2.o_private = cp->op->o_private; + op2.o_private = cp->asc_op->o_private; cb.sc_private = &p; @@ -2617,19 +2621,19 @@ acl_set_gather( SetCookie *cookie, struct berval *name, AttributeDescription *de url_done:; if ( op2.ors_filter ) { - filter_free_x( cp->op, op2.ors_filter ); + filter_free_x( cp->asc_op, op2.ors_filter ); } if ( !BER_BVISNULL( &op2.o_req_ndn ) ) { - slap_sl_free( op2.o_req_ndn.bv_val, cp->op->o_tmpmemctx ); + slap_sl_free( op2.o_req_ndn.bv_val, cp->asc_op->o_tmpmemctx ); } if ( !BER_BVISNULL( &op2.o_req_dn ) ) { - slap_sl_free( op2.o_req_dn.bv_val, cp->op->o_tmpmemctx ); + slap_sl_free( op2.o_req_dn.bv_val, cp->asc_op->o_tmpmemctx ); } if ( ludp ) { ldap_free_urldesc( ludp ); } if ( anlistp && anlistp != anlist ) { - slap_sl_free( anlistp, cp->op->o_tmpmemctx ); + slap_sl_free( anlistp, cp->asc_op->o_tmpmemctx ); } return p.bvals; @@ -2647,22 +2651,22 @@ acl_set_gather2( SetCookie *cookie, struct berval *name, AttributeDescription *d * plain strings, since syntax is not known. It should * also return the syntax or some "comparison cookie". */ - rc = dnNormalize( 0, NULL, NULL, name, &ndn, cp->op->o_tmpmemctx ); + rc = dnNormalize( 0, NULL, NULL, name, &ndn, cp->asc_op->o_tmpmemctx ); if ( rc == LDAP_SUCCESS ) { if ( desc == slap_schema.si_ad_entryDN ) { bvals = (BerVarray)slap_sl_malloc( sizeof( BerValue ) * 2, - cp->op->o_tmpmemctx ); + cp->asc_op->o_tmpmemctx ); bvals[ 0 ] = ndn; BER_BVZERO( &bvals[ 1 ] ); BER_BVZERO( &ndn ); } else { - backend_attribute( cp->op, - cp->e, &ndn, desc, &bvals, ACL_NONE ); + backend_attribute( cp->asc_op, + cp->asc_e, &ndn, desc, &bvals, ACL_NONE ); } if ( !BER_BVISNULL( &ndn ) ) { - slap_sl_free( ndn.bv_val, cp->op->o_tmpmemctx ); + slap_sl_free( ndn.bv_val, cp->asc_op->o_tmpmemctx ); } } @@ -2724,9 +2728,11 @@ acl_match_set ( } if ( !BER_BVISNULL( &set ) ) { - cookie.op = op; - cookie.e = e; - rc = ( slap_set_filter( acl_set_gather, (SetCookie *)&cookie, &set, + cookie.asc_op = op; + cookie.asc_e = e; + rc = ( slap_set_filter( + acl_set_gather, + (SetCookie *)&cookie, &set, &op->o_ndn, &e->e_nname, NULL ) > 0 ); slap_sl_free( set.bv_val, op->o_tmpmemctx ); } diff --git a/servers/slapd/sets.c b/servers/slapd/sets.c index 9a626947b3..6574cc92de 100644 --- a/servers/slapd/sets.c +++ b/servers/slapd/sets.c @@ -57,11 +57,11 @@ slap_set_dispose( SetCookie *cp, BerVarray set, unsigned flags ) { if ( flags & SLAP_SET_REFVAL ) { if ( ! ( flags & SLAP_SET_REFARR ) ) { - cp->op->o_tmpfree( set, cp->op->o_tmpmemctx ); + cp->set_op->o_tmpfree( set, cp->set_op->o_tmpmemctx ); } } else { - ber_bvarray_free_x( set, cp->op->o_tmpmemctx ); + ber_bvarray_free_x( set, cp->set_op->o_tmpmemctx ); } } @@ -79,9 +79,9 @@ set_dup( SetCookie *cp, BerVarray set, unsigned flags ) for ( i = 0; !BER_BVISNULL( &set[ i ] ); i++ ) ; - newset = cp->op->o_tmpcalloc( i + 1, + newset = cp->set_op->o_tmpcalloc( i + 1, sizeof(struct berval), - cp->op->o_tmpmemctx ); + cp->set_op->o_tmpmemctx ); if ( newset == NULL ) { return NULL; } @@ -89,7 +89,7 @@ set_dup( SetCookie *cp, BerVarray set, unsigned flags ) if ( flags & SLAP_SET_REFVAL ) { for ( i = 0; !BER_BVISNULL( &set[ i ] ); i++ ) { ber_dupbv_x( &newset[ i ], &set[ i ], - cp->op->o_tmpmemctx ); + cp->set_op->o_tmpmemctx ); } } else { @@ -120,9 +120,9 @@ slap_set_join( if ( lset == NULL || BER_BVISNULL( lset ) ) { if ( rset == NULL ) { if ( lset == NULL ) { - set = cp->op->o_tmpcalloc( 1, + set = cp->set_op->o_tmpcalloc( 1, sizeof(struct berval), - cp->op->o_tmpmemctx ); + cp->set_op->o_tmpmemctx ); BER_BVZERO( set ); return set; } @@ -137,7 +137,7 @@ slap_set_join( } i = slap_set_size( lset ) + slap_set_size( rset ) + 1; - set = cp->op->o_tmpcalloc( i, sizeof(struct berval), cp->op->o_tmpmemctx ); + set = cp->set_op->o_tmpcalloc( i, sizeof(struct berval), cp->set_op->o_tmpmemctx ); if ( set != NULL ) { /* set_chase() depends on this routine to * keep the first elements of the result @@ -146,7 +146,7 @@ slap_set_join( */ for ( i = 0; !BER_BVISNULL( &lset[ i ] ); i++ ) { if ( op_flags & SLAP_SET_LREFVAL ) { - ber_dupbv_x( &set[ i ], &lset[ i ], cp->op->o_tmpmemctx ); + ber_dupbv_x( &set[ i ], &lset[ i ], cp->set_op->o_tmpmemctx ); } else { set[ i ] = lset[ i ]; @@ -162,7 +162,7 @@ slap_set_join( if ( bvmatch( &rset[ i ], &set[ j ] ) ) { if ( !( op_flags & SLAP_SET_RREFVAL ) ) { - cp->op->o_tmpfree( rset[ i ].bv_val, cp->op->o_tmpmemctx ); + cp->set_op->o_tmpfree( rset[ i ].bv_val, cp->set_op->o_tmpmemctx ); BER_BVZERO( &rset[ i ] ); } exists = 1; @@ -172,7 +172,7 @@ slap_set_join( if ( !exists ) { if ( op_flags & SLAP_SET_RREFVAL ) { - ber_dupbv_x( &set[ last ], &rset[ i ], cp->op->o_tmpmemctx ); + ber_dupbv_x( &set[ last ], &rset[ i ], cp->set_op->o_tmpmemctx ); } else { set[ last ] = rset[ i ]; @@ -188,8 +188,8 @@ slap_set_join( if ( lset == NULL || BER_BVISNULL( lset ) || rset == NULL || BER_BVISNULL( rset ) ) { - set = cp->op->o_tmpcalloc( 1, sizeof(struct berval), - cp->op->o_tmpmemctx ); + set = cp->set_op->o_tmpcalloc( 1, sizeof(struct berval), + cp->set_op->o_tmpmemctx ); BER_BVZERO( set ); } else { @@ -207,7 +207,7 @@ slap_set_join( } if ( BER_BVISNULL( &rset[ j ] ) ) { - cp->op->o_tmpfree( set[ i ].bv_val, cp->op->o_tmpmemctx ); + cp->set_op->o_tmpfree( set[ i ].bv_val, cp->set_op->o_tmpmemctx ); set[ i ] = set[ last ]; BER_BVZERO( &set[ last ] ); last--; @@ -221,8 +221,8 @@ slap_set_join( i = slap_set_size( rset ); j = slap_set_size( lset ); - set = cp->op->o_tmpcalloc( i * j + 1, sizeof(struct berval), - cp->op->o_tmpmemctx ); + set = cp->set_op->o_tmpcalloc( i * j + 1, sizeof(struct berval), + cp->set_op->o_tmpmemctx ); if ( set == NULL ) { break; } @@ -233,8 +233,8 @@ slap_set_join( long k; bv.bv_len = lset[ i ].bv_len + rset[ j ].bv_len; - bv.bv_val = cp->op->o_tmpalloc( bv.bv_len + 1, - cp->op->o_tmpmemctx ); + bv.bv_val = cp->set_op->o_tmpalloc( bv.bv_len + 1, + cp->set_op->o_tmpmemctx ); if ( bv.bv_val == NULL ) { slap_set_dispose( cp, set, 0 ); set = NULL; @@ -246,7 +246,7 @@ slap_set_join( for ( k = 0; k < last; k++ ) { if ( bvmatch( &set[ k ], &bv ) ) { - cp->op->o_tmpfree( bv.bv_val, cp->op->o_tmpmemctx ); + cp->set_op->o_tmpfree( bv.bv_val, cp->set_op->o_tmpmemctx ); break; } } @@ -265,11 +265,11 @@ slap_set_join( done:; if ( !( op_flags & SLAP_SET_LREFARR ) && lset != NULL ) { - cp->op->o_tmpfree( lset, cp->op->o_tmpmemctx ); + cp->set_op->o_tmpfree( lset, cp->set_op->o_tmpmemctx ); } if ( !( op_flags & SLAP_SET_RREFARR ) && rset != NULL ) { - cp->op->o_tmpfree( rset, cp->op->o_tmpmemctx ); + cp->set_op->o_tmpfree( rset, cp->set_op->o_tmpmemctx ); } return set; @@ -283,8 +283,8 @@ set_chase( SLAP_SET_GATHER gatherer, int i; if ( set == NULL ) { - set = cp->op->o_tmpcalloc( 1, sizeof(struct berval), - cp->op->o_tmpmemctx ); + set = cp->set_op->o_tmpcalloc( 1, sizeof(struct berval), + cp->set_op->o_tmpmemctx ); BER_BVZERO( set ); return set; } @@ -293,7 +293,7 @@ set_chase( SLAP_SET_GATHER gatherer, return set; } - nset = cp->op->o_tmpcalloc( 1, sizeof(struct berval), cp->op->o_tmpmemctx ); + nset = cp->set_op->o_tmpcalloc( 1, sizeof(struct berval), cp->set_op->o_tmpmemctx ); if ( nset == NULL ) { slap_set_dispose( cp, set, 0 ); return NULL; @@ -340,7 +340,7 @@ slap_set_filter( SLAP_SET_GATHER gatherer, BerVarray set, lset; BerVarray stack[ STACK_SIZE ] = { 0 }; int len, rc, stp; - unsigned op; + unsigned long op; char c, *filter = fbv->bv_val; if ( results ) { @@ -375,7 +375,7 @@ slap_set_filter( SLAP_SET_GATHER gatherer, set = NULL; } else if ( IS_OP( SF_TOP() ) ) { - op = (unsigned)SF_POP(); + op = (unsigned long)SF_POP(); lset = SF_POP(); SF_POP(); set = slap_set_join( cp, lset, op, set ); @@ -402,7 +402,7 @@ slap_set_filter( SLAP_SET_GATHER gatherer, set = NULL; } else if ( IS_OP( SF_TOP() ) ) { - op = (unsigned)SF_POP(); + op = (unsigned long)SF_POP(); lset = SF_POP(); set = slap_set_join( cp, lset, op, set ); if ( set == NULL ) { @@ -427,13 +427,13 @@ slap_set_filter( SLAP_SET_GATHER gatherer, SF_ERROR(syntax); } - set = cp->op->o_tmpcalloc( 2, sizeof(struct berval), - cp->op->o_tmpmemctx ); + set = cp->set_op->o_tmpcalloc( 2, sizeof(struct berval), + cp->set_op->o_tmpmemctx ); if ( set == NULL ) { SF_ERROR(memory); } - set->bv_val = cp->op->o_tmpcalloc( len + 1, sizeof(char), - cp->op->o_tmpmemctx ); + set->bv_val = cp->set_op->o_tmpcalloc( len + 1, sizeof(char), + cp->set_op->o_tmpmemctx ); if ( BER_BVISNULL( set ) ) { SF_ERROR( memory ); } @@ -478,12 +478,12 @@ slap_set_filter( SLAP_SET_GATHER gatherer, if ( ( SF_TOP() == (void *)'/' ) || IS_SET( SF_TOP() ) ) { SF_ERROR( syntax ); } - set = cp->op->o_tmpcalloc( 2, sizeof(struct berval), - cp->op->o_tmpmemctx ); + set = cp->set_op->o_tmpcalloc( 2, sizeof(struct berval), + cp->set_op->o_tmpmemctx ); if ( set == NULL ) { SF_ERROR( memory ); } - ber_dupbv_x( set, target, cp->op->o_tmpmemctx ); + ber_dupbv_x( set, target, cp->set_op->o_tmpmemctx ); if ( BER_BVISNULL( set ) ) { SF_ERROR( memory ); } @@ -495,12 +495,12 @@ slap_set_filter( SLAP_SET_GATHER gatherer, if ( ( SF_TOP() == (void *)'/' ) || IS_SET( SF_TOP() ) ) { SF_ERROR( syntax ); } - set = cp->op->o_tmpcalloc( 2, sizeof(struct berval), - cp->op->o_tmpmemctx ); + set = cp->set_op->o_tmpcalloc( 2, sizeof(struct berval), + cp->set_op->o_tmpmemctx ); if ( set == NULL ) { SF_ERROR( memory ); } - ber_dupbv_x( set, user, cp->op->o_tmpmemctx ); + ber_dupbv_x( set, user, cp->set_op->o_tmpmemctx ); if ( BER_BVISNULL( set ) ) { SF_ERROR( memory ); } @@ -550,7 +550,7 @@ slap_set_filter( SLAP_SET_GATHER gatherer, /* FIXME: ok ? */ ; } else if ( IS_OP( SF_TOP() ) ) { - op = (unsigned)SF_POP(); + op = (unsigned long)SF_POP(); lset = SF_POP(); set = slap_set_join( cp, lset, op, set ); if ( set == NULL ) { diff --git a/servers/slapd/sets.h b/servers/slapd/sets.h index af5d809dc7..e92064481b 100644 --- a/servers/slapd/sets.h +++ b/servers/slapd/sets.h @@ -21,7 +21,7 @@ LDAP_BEGIN_DECL typedef struct slap_set_cookie { - struct slap_op *op; + struct slap_op *set_op; } SetCookie; /* this routine needs to return the bervals instead of