]> git.sur5r.net Git - openldap/blobdiff - servers/slapd/schema_init.c
projects / openldap / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
More for ITS#8043
[openldap] / servers / slapd / schema_init.c
diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c
index 77b8760a08361e000b94130f44bbab9e7bb7bd61..e702e19749b4e24e8595f3a433ccaa4929aa17df 100644 (file)
--- a/servers/slapd/schema_init.c
+++ b/servers/slapd/schema_init.c
@@ -2,7 +2,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2013 The OpenLDAP Foundation.
+ * Copyright 1998-2014 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -1735,16 +1735,15 @@ UTF8StringValidate(
        Syntax *syntax,
        struct berval *in )
 {
-       ber_len_t count;
        int len;
-       unsigned char *u = (unsigned char *)in->bv_val;
+       unsigned char *u = (unsigned char *)in->bv_val, *end = in->bv_val + in->bv_len;
 
        if( BER_BVISEMPTY( in ) && syntax == slap_schema.si_syn_directoryString ) {
                /* directory strings cannot be empty */
                return LDAP_INVALID_SYNTAX;
        }
 
-       for( count = in->bv_len; count > 0; count -= len, u += len ) {
+       for( ; u < end; u += len ) {
                /* get the length indicated by the first byte */
                len = LDAP_UTF8_CHARLEN2( u, len );
 
@@ -1782,7 +1781,7 @@ UTF8StringValidate(
                if( LDAP_UTF8_OFFSET( (char *)u ) != len ) return LDAP_INVALID_SYNTAX;
        }
 
-       if( count != 0 ) {
+       if( u > end ) {
                return LDAP_INVALID_SYNTAX;
        }
 
@@ -2636,8 +2635,10 @@ integerIndexer(
                                itmp.bv_len = maxstrlen;
                }
                rc = integerVal2Key( &values[i], &keys[i], &itmp, ctx );
-               if ( rc )
+               if ( rc ) {
+                       slap_sl_free( keys, ctx );
                        goto func_leave;
+               }
        }
        *keysp = keys;
 func_leave:
@@ -2684,12 +2685,16 @@ integerFilter(
        }
 
        rc = integerVal2Key( value, keys, &iv, ctx );
-       if ( rc == 0 )
-               *keysp = keys;
 
        if ( iv.bv_val != ibuf ) {
                slap_sl_free( iv.bv_val, ctx );
        }
+
+       if ( rc == 0 )
+               *keysp = keys;
+       else
+               slap_sl_free( keys, ctx );
+
        return rc;
 }
 
@@ -3265,6 +3270,7 @@ serialNumberAndIssuerCheck(
                                        }
                                        if ( is->bv_val[is->bv_len+1] == '"' ) {
                                                /* double dquote */
+                                               numdquotes++;
                                                is->bv_len += 2;
                                                continue;
                                        }
@@ -3668,12 +3674,14 @@ certificateExactNormalize(
        tag = ber_skip_tag( ber, &len );        /* SignatureAlg */
        ber_skip_data( ber, len );
        tag = ber_peek_tag( ber, &len );        /* IssuerDN */
-       len = ber_ptrlen( ber );
-       bvdn.bv_val = val->bv_val + len;
-       bvdn.bv_len = val->bv_len - len;
+       if ( len ) {
+               len = ber_ptrlen( ber );
+               bvdn.bv_val = val->bv_val + len;
+               bvdn.bv_len = val->bv_len - len;
 
-       rc = dnX509normalize( &bvdn, &issuer_dn );
-       if ( rc != LDAP_SUCCESS ) goto done;
+               rc = dnX509normalize( &bvdn, &issuer_dn );
+               if ( rc != LDAP_SUCCESS ) goto done;
+       }
 
        normalized->bv_len = STRLENOF( "{ serialNumber , issuer rdnSequence:\"\" }" )
                + sn2.bv_len + issuer_dn.bv_len;
@@ -3840,6 +3848,7 @@ issuerAndThisUpdateCheck(
                                }
                                if ( is->bv_val[is->bv_len+1] == '"' ) {
                                        /* double dquote */
+                                       numdquotes++;
                                        is->bv_len += 2;
                                        continue;
                                }
@@ -4382,6 +4391,7 @@ serialNumberAndIssuerSerialCheck(
                                                }
                                                if ( is->bv_val[is->bv_len + 1] == '"' ) {
                                                        /* double dquote */
+                                                       numdquotes++;
                                                        is->bv_len += 2;
                                                        continue;
                                                }
Cloned from git://git.openldap.org/openldap.git