]> git.sur5r.net Git - openldap/blobdiff - servers/slapd/schema_init.c
projects / openldap / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge remote-tracking branch 'origin/mdb.RE/0.9'
[openldap] / servers / slapd / schema_init.c
diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c
index d177795925d03b6c41389b98669f9d4a53b9f282..fe3db715c8b5ee715c349d5e01c45f2d9c136921 100644 (file)
--- a/servers/slapd/schema_init.c
+++ b/servers/slapd/schema_init.c
@@ -2,7 +2,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2013 The OpenLDAP Foundation.
+ * Copyright 1998-2015 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -1780,16 +1780,15 @@ UTF8StringValidate(
        Syntax *syntax,
        struct berval *in )
 {
-       ber_len_t count;
        int len;
-       unsigned char *u = (unsigned char *)in->bv_val;
+       unsigned char *u = (unsigned char *)in->bv_val, *end = in->bv_val + in->bv_len;
 
        if( BER_BVISEMPTY( in ) && syntax == slap_schema.si_syn_directoryString ) {
                /* directory strings cannot be empty */
                return LDAP_INVALID_SYNTAX;
        }
 
-       for( count = in->bv_len; count > 0; count -= len, u += len ) {
+       for( ; u < end; u += len ) {
                /* get the length indicated by the first byte */
                len = LDAP_UTF8_CHARLEN2( u, len );
 
@@ -1827,7 +1826,7 @@ UTF8StringValidate(
                if( LDAP_UTF8_OFFSET( (char *)u ) != len ) return LDAP_INVALID_SYNTAX;
        }
 
-       if( count != 0 ) {
+       if( u > end ) {
                return LDAP_INVALID_SYNTAX;
        }
 
@@ -2681,8 +2680,10 @@ integerIndexer(
                                itmp.bv_len = maxstrlen;
                }
                rc = integerVal2Key( &values[i], &keys[i], &itmp, ctx );
-               if ( rc )
+               if ( rc ) {
+                       slap_sl_free( keys, ctx );
                        goto func_leave;
+               }
        }
        *keysp = keys;
 func_leave:
@@ -2729,12 +2730,16 @@ integerFilter(
        }
 
        rc = integerVal2Key( value, keys, &iv, ctx );
-       if ( rc == 0 )
-               *keysp = keys;
 
        if ( iv.bv_val != ibuf ) {
                slap_sl_free( iv.bv_val, ctx );
        }
+
+       if ( rc == 0 )
+               *keysp = keys;
+       else
+               slap_sl_free( keys, ctx );
+
        return rc;
 }
 
@@ -3310,6 +3315,7 @@ serialNumberAndIssuerCheck(
                                        }
                                        if ( is->bv_val[is->bv_len+1] == '"' ) {
                                                /* double dquote */
+                                               numdquotes++;
                                                is->bv_len += 2;
                                                continue;
                                        }
@@ -3713,12 +3719,14 @@ certificateExactNormalize(
        tag = ber_skip_tag( ber, &len );        /* SignatureAlg */
        ber_skip_data( ber, len );
        tag = ber_peek_tag( ber, &len );        /* IssuerDN */
-       len = ber_ptrlen( ber );
-       bvdn.bv_val = val->bv_val + len;
-       bvdn.bv_len = val->bv_len - len;
+       if ( len ) {
+               len = ber_ptrlen( ber );
+               bvdn.bv_val = val->bv_val + len;
+               bvdn.bv_len = val->bv_len - len;
 
-       rc = dnX509normalize( &bvdn, &issuer_dn );
-       if ( rc != LDAP_SUCCESS ) goto done;
+               rc = dnX509normalize( &bvdn, &issuer_dn );
+               if ( rc != LDAP_SUCCESS ) goto done;
+       }
 
        normalized->bv_len = STRLENOF( "{ serialNumber , issuer rdnSequence:\"\" }" )
                + sn2.bv_len + issuer_dn.bv_len;
@@ -3885,6 +3893,7 @@ issuerAndThisUpdateCheck(
                                }
                                if ( is->bv_val[is->bv_len+1] == '"' ) {
                                        /* double dquote */
+                                       numdquotes++;
                                        is->bv_len += 2;
                                        continue;
                                }
@@ -4427,6 +4436,7 @@ serialNumberAndIssuerSerialCheck(
                                                }
                                                if ( is->bv_val[is->bv_len + 1] == '"' ) {
                                                        /* double dquote */
+                                                       numdquotes++;
                                                        is->bv_len += 2;
                                                        continue;
                                                }
Cloned from git://git.openldap.org/openldap.git