Add a safety check to bvcasechr

[openldap] / servers / slapd / search.c

diff --git a/servers/slapd/search.c b/servers/slapd/search.c
index 5f8d78c0a689bad18d857ade47bc4bbd748b5086..c3a6acc34d127809fe07deaf85632e8eca55f4d2 100644 (file)
--- a/servers/slapd/search.c
+++ b/servers/slapd/search.c
@@ -1,6 +1,6 @@
 /* $OpenLDAP$ */
 /*
- * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
  */
 /* Portions
@@ -30,15 +30,15 @@ do_search(
     Connection *conn,  /* where to send results */
     Operation  *op     /* info about the op to which we're responding */
 ) {
-       int             i;
        ber_int_t       scope, deref, attrsonly;
        ber_int_t       sizelimit, timelimit;
        struct berval base = { 0, NULL };
-       struct berval *pbase = NULL;
-       struct berval *nbase = NULL;
-       char            *fstr = NULL;
+       struct berval pbase = { 0, NULL };
+       struct berval nbase = { 0, NULL };
+       struct berval   fstr = { 0, NULL };
        Filter          *filter = NULL;
-       char            **attrs = NULL;
+       AttributeName   *an;
+       ber_len_t       siz, off, i;
        Backend         *be;
        int                     rc;
        const char      *text;
@@ -76,7 +76,7 @@ do_search(
         */
 
        /* baseObject, scope, derefAliases, sizelimit, timelimit, attrsOnly */
-       if ( ber_scanf( op->o_ber, "{oiiiib" /*}*/,
+       if ( ber_scanf( op->o_ber, "{miiiib" /*}*/,
                &base, &scope, &deref, &sizelimit,
            &timelimit, &attrsonly ) == LBER_ERROR )
        {
@@ -109,7 +109,7 @@ do_search(
                goto return_results;
        }
 
-       rc = dnPretty( NULL, &base, &pbase );
+       rc = dnPrettyNormal( NULL, &base, &pbase, &nbase );
        if( rc != LDAP_SUCCESS ) {
 #ifdef NEW_LOGGING
                LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
@@ -124,30 +124,15 @@ do_search(
                goto return_results;
        }
 
-       rc = dnNormalize( NULL, &base, &nbase );
-       if( rc != LDAP_SUCCESS ) {
-#ifdef NEW_LOGGING
-               LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
-                       "do_searc: conn %d  invalid dn (%s)\n",
-                       conn->c_connid, base.bv_val ));
-#else
-               Debug( LDAP_DEBUG_ANY,
-                       "do_search: invalid dn (%s)\n", base.bv_val, 0, 0 );
-#endif
-               send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
-                   "invalid DN", NULL, NULL );
-               goto return_results;
-       }
-
-
 #ifdef NEW_LOGGING
        LDAP_LOG(( "operation", LDAP_LEVEL_ARGS,
                "do_search \"%s\" %d %d %d %d %d\n", base.bv_val, scope,
                deref, sizelimit, timelimit, attrsonly ));
 #else
-       Debug( LDAP_DEBUG_ARGS, "SRCH \"%s\" %d %d", base.bv_val, scope, deref );
-       Debug( LDAP_DEBUG_ARGS, "    %d %d %d\n", sizelimit, timelimit,
-           attrsonly);
+       Debug( LDAP_DEBUG_ARGS, "SRCH \"%s\" %d %d",
+               base.bv_val, scope, deref );
+       Debug( LDAP_DEBUG_ARGS, "    %d %d %d\n",
+               sizelimit, timelimit, attrsonly);
 #endif
 
        /* filter - returns a "normalized" version */
@@ -165,19 +150,25 @@ do_search(
 
 #ifdef NEW_LOGGING
        LDAP_LOG(( "operation", LDAP_LEVEL_ARGS,
-               "do_search: conn %d     filter: %s\n", conn->c_connid, fstr ));
+               "do_search: conn %d     filter: %s\n", conn->c_connid, fstr.bv_val ));
 #else
-       Debug( LDAP_DEBUG_ARGS, "    filter: %s\n", fstr, 0, 0 );
+       Debug( LDAP_DEBUG_ARGS, "    filter: %s\n", fstr.bv_val, 0, 0 );
 #endif
 
-
        /* attributes */
-       if ( ber_scanf( op->o_ber, /*{*/ "{v}}", &attrs ) == LBER_ERROR ) {
+       siz = sizeof(AttributeName);
+       off = 0;
+       if ( ber_scanf( op->o_ber, "{M}}", &an, &siz, off ) == LBER_ERROR ) {
                send_ldap_disconnect( conn, op,
                        LDAP_PROTOCOL_ERROR, "decoding attrs error" );
                rc = SLAPD_DISCONNECT;
                goto return_results;
        }
+       for ( i=0; i<siz; i++ ) {
+               an[i].an_desc = NULL;
+               an[i].an_oc = NULL;
+               slap_bv2ad(&an[i].an_name, &an[i].an_desc, &text);
+       }
 
        if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) {
 #ifdef NEW_LOGGING
@@ -189,9 +180,7 @@ do_search(
 #endif
 
                goto return_results;
-       } 
-
-       rc = LDAP_SUCCESS;
+       }
 
 #ifdef NEW_LOGGING
        LDAP_LOG(( "operation", LDAP_LEVEL_ARGS,
@@ -200,16 +189,14 @@ do_search(
        Debug( LDAP_DEBUG_ARGS, "    attrs:", 0, 0, 0 );
 #endif
 
-
-       if ( attrs != NULL ) {
-               for ( i = 0; attrs[i] != NULL; i++ ) {
+       if ( siz != 0 ) {
+               for ( i = 0; i<siz; i++ ) {
 #ifdef NEW_LOGGING
                        LDAP_LOG(( "operation", LDAP_LEVEL_ARGS,
-                               "do_search:        %s", attrs[i] ));
+                               "do_search:        %s", an[i].an_name.bv_val ));
 #else
-                       Debug( LDAP_DEBUG_ARGS, " %s", attrs[i], 0, 0 );
+                       Debug( LDAP_DEBUG_ARGS, " %s", an[i].an_name.bv_val, 0, 0 );
 #endif
-
                }
        }
 
@@ -221,16 +208,16 @@ do_search(
 
        Statslog( LDAP_DEBUG_STATS,
            "conn=%ld op=%d SRCH base=\"%s\" scope=%d filter=\"%s\"\n",
-           op->o_connid, op->o_opid, pbase->bv_val, scope, fstr );
+           op->o_connid, op->o_opid, pbase.bv_val, scope, fstr.bv_val );
 
        manageDSAit = get_manageDSAit( op );
 
        if ( scope == LDAP_SCOPE_BASE ) {
                Entry *entry = NULL;
 
-               if ( strcasecmp( nbase->bv_val, LDAP_ROOT_DSE ) == 0 ) {
+               if ( nbase.bv_len == 0 ) {
 #ifdef LDAP_CONNECTIONLESS
-                       /* Ignore LDAPv2 CLDAP DSE queries */
+                       /* Ignore LDAPv2 CLDAP Root DSE queries */
                        if (op->o_protocol==LDAP_VERSION2 && conn->c_is_udp) {
                                goto return_results;
                        }
@@ -247,7 +234,7 @@ do_search(
                }
 
 #if defined( SLAPD_SCHEMA_DN )
-               else if ( strcasecmp( nbase->bv_val, SLAPD_SCHEMA_DN ) == 0 ) {
+               else if ( strcasecmp( nbase.bv_val, SLAPD_SCHEMA_DN ) == 0 ) {
                        /* check restrictions */
                        rc = backend_check_restrictions( NULL, conn, op, NULL, &text ) ;
                        if( rc != LDAP_SUCCESS ) {
@@ -271,7 +258,7 @@ do_search(
 
                        if( rc == LDAP_COMPARE_TRUE ) {
                                send_search_entry( NULL, conn, op,
-                                       entry, attrs, attrsonly, NULL );
+                                       entry, an, attrsonly, NULL );
                        }
                        entry_free( entry );
 
@@ -282,14 +269,12 @@ do_search(
                }
        }
 
-       if( !nbase->bv_len && default_search_nbase.bv_len ) {
-               ch_free( base.bv_val );
-               ch_free( nbase->bv_val );
+       if( !nbase.bv_len && default_search_nbase.bv_len ) {
+               ch_free( pbase.bv_val );
+               ch_free( nbase.bv_val );
 
-               base.bv_val = ch_strdup( default_search_base.bv_val );
-               base.bv_len = default_search_base.bv_len;
-               nbase->bv_val = ch_strdup( default_search_nbase.bv_val );
-               nbase->bv_len = default_search_nbase.bv_len;
+               ber_dupbv( &pbase, &default_search_base );
+               ber_dupbv( &nbase, &default_search_nbase );
        }
 
        /*
@@ -297,14 +282,14 @@ do_search(
         * appropriate one, or send a referral to our "referral server"
         * if we don't hold it.
         */
-       if ( (be = select_backend( nbase, manageDSAit, 1 )) == NULL ) {
-               struct berval **ref = referral_rewrite( default_referral,
-                       NULL, pbase->bv_val, scope );
+       if ( (be = select_backend( &nbase, manageDSAit, 1 )) == NULL ) {
+               BerVarray ref = referral_rewrite( default_referral,
+                       NULL, &pbase, scope );
 
                send_ldap_result( conn, op, rc = LDAP_REFERRAL,
                        NULL, NULL, ref ? ref : default_referral, NULL );
 
-               ber_bvecfree( ref );
+               ber_bvarray_free( ref );
                goto return_results;
        }
 
@@ -317,34 +302,32 @@ do_search(
        }
 
        /* check for referrals */
-       rc = backend_check_referrals( be, conn, op, pbase->bv_val, nbase->bv_val );
+       rc = backend_check_referrals( be, conn, op, &pbase, &nbase );
        if ( rc != LDAP_SUCCESS ) {
                goto return_results;
        }
 
        /* deref the base if needed */
-       suffix_alias( be, nbase );
+       suffix_alias( be, &nbase );
 
        /* actually do the search and send the result(s) */
        if ( be->be_search ) {
-               (*be->be_search)( be, conn, op, pbase->bv_val, nbase->bv_val,
+               (*be->be_search)( be, conn, op, &pbase, &nbase,
                        scope, deref, sizelimit,
-                   timelimit, filter, fstr, attrs, attrsonly );
+                   timelimit, filter, &fstr, an, attrsonly );
        } else {
                send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
-                       NULL, "operation not supported within namingContext", NULL, NULL );
+                       NULL, "operation not supported within namingContext",
+                       NULL, NULL );
        }
 
 return_results:;
-       free( base.bv_val );
-       if( pbase != NULL) ber_bvfree( pbase );
-       if( nbase != NULL) ber_bvfree( nbase );
+       if( pbase.bv_val != NULL) free( pbase.bv_val );
+       if( nbase.bv_val != NULL) free( nbase.bv_val );
 
-       if( fstr != NULL) free( fstr );
+       if( fstr.bv_val != NULL) free( fstr.bv_val );
        if( filter != NULL) filter_free( filter );
-       if ( attrs != NULL ) {
-               charray_free( attrs );
-       }
+       free(an);
 
        return rc;
 }