more about sizelimit disclose issue in back-meta (ITS#4213)

2025-01-06 10:46:21 +08:00 · 2005-12-11 23:39:09 +00:00 · 2005-12-11 23:39:09 +00:00 · e113e18bb6
commit e113e18bb6
parent 8687dace5b
4 changed files with 73 additions and 1 deletions
--- a/servers/slapd/back-meta/search.c
+++ b/servers/slapd/back-meta/search.c
@ -453,7 +453,7 @@ really_bad:;
 				ldap_msgfree( res );
 				res = NULL;

-				switch ( rc ) {
+				switch ( rs->sr_err ) {
 				case LDAP_SIZELIMIT_EXCEEDED:
 					savepriv = op->o_private;
 					op->o_private = (void *)i;
--- a/tests/data/meta.out
+++ b/tests/data/meta.out
@ -1442,3 +1442,29 @@ member: cn=Another Added Group,ou=Groups,o=Example,c=US

 # refldap://localhost:9016/cn=Somewhere,ou=Meta,dc=example,dc=com??sub

+# Checking server-enforced size limit...
+Size limit exceeded (4)
+dn: ou=Alumni Association,ou=People,o=Example,c=US
+
+dn: cn=Dan Aykroyd,ou=Meta,o=Example,c=US
+
+dn: o=Example,c=US
+
+dn: ou=Groups,o=Example,c=US
+
+dn: cn=John Belushi,ou=Meta,o=Example,c=US
+
+dn: ou=Meta,o=Example,c=US
+
+dn: ou=People,o=Example,c=US
+
+dn: ou=Same as above,ou=Meta,o=Example,c=US
+
+# refldap://localhost:9016/cn=Somewhere,ou=Meta,dc=example,dc=com??sub
+
+# Checking client-requested size limit...
+Size limit exceeded (4)
+dn: o=Example,c=US
+
+dn: ou=Meta,o=Example,c=US
+
--- a/tests/data/slapd-meta.conf
+++ b/tests/data/slapd-meta.conf
@ -59,4 +59,6 @@ suffixmassage	"o=Example,c=US" "dc=example,dc=com"
 pseudorootdn	"cn=manager,dc=example,dc=com"
 pseudorootpw	secret

+limits		dn.exact="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,o=Example,c=US" time=1 size=8
+
 #monitor#database	monitor
--- a/tests/scripts/test035-meta
+++ b/tests/scripts/test035-meta
@ -471,6 +471,50 @@ case $RC in
 	;;
 esac

+echo "Checking server-enforced size limit..."
+echo "# Checking server-enforced size limit..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -h $LOCALHOST -p $PORT3 \
+	-D "cn=Bjorn Jensen,ou=Information Technology Division,ou=People,$BASEDN" -w bjorn \
+	-b "$BASEDN" "(objectClass=*)" 1.1 \
+	>> $SEARCHOUT 2>&1
+RC=$?
+case $RC in 
+	0)
+		echo "Search should have failed ($RC)!"
+		test $KILLSERVERS != no && kill -HUP $KILLPIDS
+		exit -1
+	;;
+	4)
+	;;
+	*)
+		echo "Search failed ($RC)!"
+		test $KILLSERVERS != no && kill -HUP $KILLPIDS
+		exit $RC
+	;;
+esac
+
+echo "Checking client-requested size limit..."
+echo "# Checking client-requested size limit..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -h $LOCALHOST -p $PORT3 \
+	-D "cn=Bjorn Jensen,ou=Information Technology Division,ou=People,$BASEDN" -w bjorn \
+	-b "$BASEDN" -z 2 "(objectClass=*)" 1.1 \
+	>> $SEARCHOUT 2>&1
+RC=$?
+case $RC in 
+	0)
+		echo "Search should have failed ($RC)!"
+		test $KILLSERVERS != no && kill -HUP $KILLPIDS
+		exit -1
+	;;
+	4)
+	;;
+	*)
+		echo "Search failed ($RC)!"
+		test $KILLSERVERS != no && kill -HUP $KILLPIDS
+		exit $RC
+	;;
+esac
+
 echo "Filtering ldapsearch results..."
 . $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
 echo "Filtering original ldif used to create database..."