More cleanup in ldap_pvt_tls_destroy()

[openldap] / libraries / libldap / getdn.c

diff --git a/libraries/libldap/getdn.c b/libraries/libldap/getdn.c
index ff1d012253506b4543d6d0bb7ce61adbd45bd2ab..5af3069c77bb02fcd42cc7893753300187d5e108 100644 (file)
--- a/libraries/libldap/getdn.c
+++ b/libraries/libldap/getdn.c
@@ -174,7 +174,7 @@ ldap_explode_rdn( LDAP_CONST char *rdn, int notypes )
         * FIXME: we prefer efficiency over checking if the _ENTIRE_
         * dn can be parsed
         */
-       if ( ldap_str2rdn( rdn, &tmpRDN, &p, LDAP_DN_FORMAT_LDAP ) 
+       if ( ldap_str2rdn( rdn, &tmpRDN, (char **) &p, LDAP_DN_FORMAT_LDAP ) 
                        != LDAP_SUCCESS ) {
                return( NULL );
        }
@@ -299,7 +299,8 @@ ldap_dn2ad_canonical( LDAP_CONST char *dn )
  *     LDAP_DN_FORMAT_AD_CANONICAL     (?)
  */
 int
-ldap_dn_normalize( const char *dnin, unsigned fin, char **dnout, unsigned fout )
+ldap_dn_normalize( LDAP_CONST char *dnin,
+       unsigned fin, char **dnout, unsigned fout )
 {
        int     rc;
        LDAPDN  *tmpDN = NULL;
@@ -589,7 +590,7 @@ ldap_dnfree( LDAPDN *dn )
 #define        TMP_SLOTS       1024
 
 int
-ldap_str2dn( const char *str, LDAPDN **dn, unsigned flags )
+ldap_str2dn( LDAP_CONST char *str, LDAPDN **dn, unsigned flags )
 {
        const char      *p;
        int             rc = LDAP_DECODING_ERROR;
@@ -651,7 +652,7 @@ ldap_str2dn( const char *str, LDAPDN **dn, unsigned flags )
        for ( ; p[ 0 ]; p++ ) {
                int             err;
                
-               err = ldap_str2rdn( p, &newRDN, &p, flags );
+               err = ldap_str2rdn( p, &newRDN, (char **) &p, flags );
                if ( err != LDAP_SUCCESS ) {
                        goto parsing_error;
                }
@@ -689,7 +690,20 @@ ldap_str2dn( const char *str, LDAPDN **dn, unsigned flags )
                tmpDN[nrdns++] = newRDN;
                newRDN = NULL;
 
+#if 0
+               /*
+                * prone to attacks?
+                */
                assert (nrdns < TMP_SLOTS);
+#else
+               /*
+                * make the static AVA array dynamically rescalable
+                */
+               if (nrdns >= TMP_SLOTS) {
+                       rc = LDAP_DECODING_ERROR;
+                       goto parsing_error;
+               }
+#endif
                                
                if ( p[ 0 ] == '\0' ) {
                        /* 
@@ -744,8 +758,10 @@ return_result:;
  * corresponds to the rdn separator or to '\0' in case the string is over.
  */
 int
-ldap_str2rdn( const char *str, LDAPRDN **rdn, const char **n, unsigned flags )
+ldap_str2rdn( LDAP_CONST char *str, LDAPRDN **rdn,
+       char **n_in, unsigned flags )
 {
+       const char  **n = (const char **) n_in;
        const char      *p;
        int             navas = 0;
        int             state = B4AVA;
@@ -1037,7 +1053,12 @@ ldap_str2rdn( const char *str, LDAPRDN **rdn, const char **n, unsigned flags )
                         * here STRING means RFC 2253 string
                         * FIXME: what about DCE strings? 
                         */
-                       state = B4STRINGVALUE;
+                       if ( !p[ 0 ] ) {
+                               /* empty value */
+                               state = GOTAVA;
+                       } else {
+                               state = B4STRINGVALUE;
+                       }
                        break;
 
                case B4BINARYVALUE:
@@ -1101,12 +1122,16 @@ ldap_str2rdn( const char *str, LDAPRDN **rdn, const char **n, unsigned flags )
                                 */
                                ava = ldapava_new( &attrType, &attrValue, 
                                                attrValueEncoding );
+                               
                                if ( ava == NULL ) {
                                        rc = LDAP_NO_MEMORY;
                                        goto parsing_error;
                                }
                                tmpRDN[navas++] = ava;
 
+                               attrValue.bv_val = NULL;
+                               attrValue.bv_len = 0;
+
                                assert(navas < TMP_SLOTS);
                        }
                        
@@ -1255,6 +1280,9 @@ str2strval( const char *str, struct berval *val, const char **next, unsigned fla
                         */
                        unescapes++;
 
+               } else if (!LDAP_DN_ASCII_PRINTABLE( p[ 0 ] ) ) {
+                       *retFlags = LDAP_AVA_NONPRINTABLE;
+
                } else if ( ( LDAP_DN_LDAP( flags ) && LDAP_DN_VALUE_END_V2( p[ 0 ] ) ) 
                                || ( LDAP_DN_LDAPV3( flags ) && LDAP_DN_VALUE_END( p[ 0 ] ) ) ) {
                        break;