/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 2003-2005 The OpenLDAP Foundation.
+ * Copyright 2003-2006 The OpenLDAP Foundation.
* Portions Copyright 2003 IBM Corporation.
* All rights reserved.
*
int rid )
{
char cookiestr[ LDAP_LUTIL_CSNSTR_BUFSIZE + 20 ];
+ int len;
if ( BER_BVISNULL( csn )) {
if ( rid == -1 ) {
cookiestr[0] = '\0';
+ len = 0;
} else {
- snprintf( cookiestr, LDAP_LUTIL_CSNSTR_BUFSIZE + 20,
+ len = snprintf( cookiestr, LDAP_LUTIL_CSNSTR_BUFSIZE + 20,
"rid=%03d", rid );
}
} else {
- if ( rid == -1 ) {
- snprintf( cookiestr, LDAP_LUTIL_CSNSTR_BUFSIZE + 20,
- "csn=%s", csn->bv_val );
- } else {
- snprintf( cookiestr, LDAP_LUTIL_CSNSTR_BUFSIZE + 20,
- "csn=%s,rid=%03d", csn->bv_val, rid );
+ char *end = cookiestr + sizeof(cookiestr);
+ char *ptr = lutil_strcopy( cookiestr, "csn=" );
+ len = csn->bv_len;
+ if ( ptr + len >= end )
+ len = end - ptr;
+ ptr = lutil_strncopy( ptr, csn->bv_val, len );
+ if ( rid != -1 && ptr < end - STRLENOF(",rid=xxx") ) {
+ ptr += sprintf( ptr, ",rid=%03d", rid );
}
+ len = ptr - cookiestr;
}
- ber_str2bv( cookiestr, strlen(cookiestr), 1, cookie );
+ ber_str2bv_x( cookiestr, len, 1, cookie,
+ op ? op->o_tmpmemctx : NULL );
}
void
int
slap_parse_sync_cookie(
- struct sync_cookie *cookie
+ struct sync_cookie *cookie,
+ void *memctx
)
{
char *csn_ptr;
int csn_str_len;
int valid = 0;
char *rid_ptr;
- char *rid_str;
char *cval;
+ char *next;
if ( cookie == NULL )
return -1;
+ if ( cookie->octet_str.bv_len <= STRLENOF( "rid=" ) )
+ return -1;
+
+ cookie->rid = -1;
+ /* FIXME: may read past end of cookie->octet_str.bv_val */
+ rid_ptr = strstr( cookie->octet_str.bv_val, "rid=" );
+ if ( rid_ptr == NULL
+ || rid_ptr > &cookie->octet_str.bv_val[ cookie->octet_str.bv_len - STRLENOF( "rid=" ) ] )
+ {
+ return -1;
+ }
+
+ if ( rid_ptr[ STRLENOF( "rid=" ) ] == '-' ) {
+ return -1;
+ }
+ cookie->rid = strtoul( &rid_ptr[ STRLENOF( "rid=" ) ], &next, 10 );
+ if ( next == &rid_ptr[ STRLENOF( "rid=" ) ] || ( next[ 0 ] != ',' && next[ 0 ] != '\0' ) ) {
+ return -1;
+ }
+
while (( csn_ptr = strstr( cookie->octet_str.bv_val, "csn=" )) != NULL ) {
AttributeDescription *ad = slap_schema.si_ad_modifyTimestamp;
slap_syntax_validate_func *validate;
struct berval stamp;
+ /* This only happens when called from main */
+ if ( ad == NULL )
+ break;
+
+ if ( csn_ptr >= &cookie->octet_str.bv_val[ cookie->octet_str.bv_len - STRLENOF( "csn=" ) ] ) {
+ return -1;
+ }
+
csn_str = csn_ptr + STRLENOF("csn=");
cval = strchr( csn_str, ',' );
- if ( cval )
+ if ( cval && cval < &cookie->octet_str.bv_val[ cookie->octet_str.bv_len ] )
csn_str_len = cval - csn_str;
else
csn_str_len = 0;
/* FIXME use csnValidate when it gets implemented */
csn_ptr = strchr( csn_str, '#' );
- if ( !csn_ptr ) break;
+ if ( !csn_ptr || csn_str >= &cookie->octet_str.bv_val[ cookie->octet_str.bv_len ] ) break;
stamp.bv_val = csn_str;
stamp.bv_len = csn_ptr - csn_str;
break;
}
if ( valid ) {
- ber_str2bv( csn_str, csn_str_len, 1, &cookie->ctxcsn );
+ ber_str2bv_x( csn_str, csn_str_len, 1, &cookie->ctxcsn, memctx );
} else {
BER_BVZERO( &cookie->ctxcsn );
}
- if (( rid_ptr = strstr( cookie->octet_str.bv_val, "rid=" )) != NULL ) {
- rid_str = SLAP_STRNDUP( rid_ptr,
- SLAP_SYNC_RID_SIZE + sizeof("rid=") - 1 );
- if ( (cval = strchr( rid_str, ',' )) != NULL ) {
- *cval = '\0';
- }
- cookie->rid = atoi( rid_str + sizeof("rid=") - 1 );
- ch_free( rid_str );
- } else {
- cookie->rid = -1;
- }
return 0;
}
struct sync_cookie *src
)
{
- int i;
struct sync_cookie *new;
- struct berval tmp_bv;
if ( src == NULL )
return NULL;