diff --git a/servers/slapd/back-ldif/ldif.c b/servers/slapd/back-ldif/ldif.c index dc1d88757e..3cd9bcb78a 100644 --- a/servers/slapd/back-ldif/ldif.c +++ b/servers/slapd/back-ldif/ldif.c @@ -420,6 +420,8 @@ static int r_enum_tree(enumCookie *ck, struct berval *path, if ( ptr ) { itmp.bv_len = ptr - itmp.bv_val; ber_dupbv( &bvl->num, &itmp ); + /* FIXME: handle error? */ + assert( itmp.bv_val[ 0 ] != '-' ); bvl->inum = strtoul( itmp.bv_val, NULL, 0 ); itmp.bv_val[0] = '\0'; bvl->off = itmp.bv_val - bvl->bv.bv_val; diff --git a/servers/slapd/ldapsync.c b/servers/slapd/ldapsync.c index cc1ed87054..7d9b9cf20e 100644 --- a/servers/slapd/ldapsync.c +++ b/servers/slapd/ldapsync.c @@ -114,6 +114,9 @@ slap_parse_sync_cookie( return -1; } + if ( rid_ptr[ STRLENOF( "rid=" ) ] == '-' ) { + return -1; + } cookie->rid = strtoul( &rid_ptr[ STRLENOF( "rid=" ) ], &next, 10 ); if ( next == &rid_ptr[ STRLENOF( "rid=" ) ] || ( next[ 0 ] != ',' && next[ 0 ] != '\0' ) ) { return -1; diff --git a/servers/slapd/overlays/retcode.c b/servers/slapd/overlays/retcode.c index 44a1b709c0..add5a75235 100644 --- a/servers/slapd/overlays/retcode.c +++ b/servers/slapd/overlays/retcode.c @@ -531,7 +531,7 @@ retcode_entry_response( Operation *op, SlapReply *rs, BackendInfo *bi, Entry *e /* sleep time */ a = attr_find( e->e_attrs, ad_errSleepTime ); - if ( a != NULL ) { + if ( a != NULL && a->a_nvals[ 0 ].bv_val[ 0 ] != '-' ) { int sleepTime; sleepTime = strtoul( a->a_nvals[ 0 ].bv_val, &next, 0 ); diff --git a/servers/slapd/syncrepl.c b/servers/slapd/syncrepl.c index b8f9a74329..0e20fa7707 100644 --- a/servers/slapd/syncrepl.c +++ b/servers/slapd/syncrepl.c @@ -2983,8 +2983,11 @@ parse_syncrepl_line( } else if ( strchr( val, ':' ) != NULL ) { char *next, *ptr = val; unsigned dd, hh, mm, ss; + + /* NOTE: the test for ptr[ 0 ] == '-' + * should go before the call to strtoul() */ dd = strtoul( ptr, &next, 10 ); - if ( next == ptr || next[0] != ':' ) { + if ( ptr[ 0 ] == '-' || next == ptr || next[0] != ':' ) { snprintf( c->msg, sizeof( c->msg ), "Error: parse_syncrepl_line: " "invalid interval \"%s\", unable to parse days", val ); @@ -2993,7 +2996,7 @@ parse_syncrepl_line( } ptr = next + 1; hh = strtoul( ptr, &next, 10 ); - if ( next == ptr || next[0] != ':' || hh > 24 ) { + if ( ptr[ 0 ] == '-' || next == ptr || next[0] != ':' || hh > 24 ) { snprintf( c->msg, sizeof( c->msg ), "Error: parse_syncrepl_line: " "invalid interval \"%s\", unable to parse hours", val ); @@ -3002,7 +3005,7 @@ parse_syncrepl_line( } ptr = next + 1; mm = strtoul( ptr, &next, 10 ); - if ( next == ptr || next[0] != ':' || mm > 60 ) { + if ( ptr[ 0 ] == '-' || next == ptr || next[0] != ':' || mm > 60 ) { snprintf( c->msg, sizeof( c->msg ), "Error: parse_syncrepl_line: " "invalid interval \"%s\", unable to parse minutes", val ); @@ -3011,7 +3014,7 @@ parse_syncrepl_line( } ptr = next + 1; ss = strtoul( ptr, &next, 10 ); - if ( next == ptr || next[0] != '\0' || ss > 60 ) { + if ( ptr[ 0 ] == '-' || next == ptr || next[0] != '\0' || ss > 60 ) { snprintf( c->msg, sizeof( c->msg ), "Error: parse_syncrepl_line: " "invalid interval \"%s\", unable to parse seconds", val );