Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP4
openldap2.20856
0212-ITS-9404-fix-serialNumberAndIssuerCheck.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0212-ITS-9404-fix-serialNumberAndIssuerCheck.patch of Package openldap2.20856
From 02e18c2f80eb89ef9dbab323a1c4301e713c8b79 Mon Sep 17 00:00:00 2001 From: Howard Chu <hyc@openldap.org> Date: Mon, 23 Nov 2020 17:14:00 +0000 Subject: [PATCH 212/224] ITS#9404 fix serialNumberAndIssuerCheck Tighten validity checks --- servers/slapd/schema_init.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c index 3c5ee3dad..f9200d362 100644 --- a/servers/slapd/schema_init.c +++ b/servers/slapd/schema_init.c @@ -3189,7 +3189,7 @@ serialNumberAndIssuerCheck( if( in->bv_len < 3 ) return LDAP_INVALID_SYNTAX; - if( in->bv_val[0] != '{' && in->bv_val[in->bv_len-1] != '}' ) { + if( in->bv_val[0] != '{' || in->bv_val[in->bv_len-1] != '}' ) { /* Parse old format */ is->bv_val = ber_bvchr( in, '$' ); if( BER_BVISNULL( is ) ) return LDAP_INVALID_SYNTAX; @@ -3220,7 +3220,7 @@ serialNumberAndIssuerCheck( HAVE_ALL = ( HAVE_ISSUER | HAVE_SN ) } have = HAVE_NONE; - int numdquotes = 0; + int numdquotes = 0, gotquote; struct berval x = *in; struct berval ni; x.bv_val++; @@ -3262,11 +3262,12 @@ serialNumberAndIssuerCheck( is->bv_val = x.bv_val; is->bv_len = 0; - for ( ; is->bv_len < x.bv_len; ) { + for ( gotquote=0; is->bv_len < x.bv_len; ) { if ( is->bv_val[is->bv_len] != '"' ) { is->bv_len++; continue; } + gotquote = 1; if ( is->bv_val[is->bv_len+1] == '"' ) { /* double dquote */ numdquotes++; @@ -3275,6 +3276,8 @@ serialNumberAndIssuerCheck( } break; } + if ( !gotquote ) return LDAP_INVALID_SYNTAX; + x.bv_val += is->bv_len + 1; x.bv_len -= is->bv_len + 1; -- 2.30.0
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor