X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fschema_init.c;h=fe3db715c8b5ee715c349d5e01c45f2d9c136921;hb=13a8b6110acb64afac50002aac76ac027ae5f1b4;hp=d177795925d03b6c41389b98669f9d4a53b9f282;hpb=01f4aeac4c9ccc42a998c18f8995ce453d819b13;p=openldap

diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c
index d177795925..fe3db715c8 100644
--- a/servers/slapd/schema_init.c
+++ b/servers/slapd/schema_init.c
@@ -2,7 +2,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2013 The OpenLDAP Foundation.
+ * Copyright 1998-2015 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -1780,16 +1780,15 @@ UTF8StringValidate(
 	Syntax *syntax,
 	struct berval *in )
 {
-	ber_len_t count;
 	int len;
-	unsigned char *u = (unsigned char *)in->bv_val;
+	unsigned char *u = (unsigned char *)in->bv_val, *end = in->bv_val + in->bv_len;
 
 	if( BER_BVISEMPTY( in ) && syntax == slap_schema.si_syn_directoryString ) {
 		/* directory strings cannot be empty */
 		return LDAP_INVALID_SYNTAX;
 	}
 
-	for( count = in->bv_len; count > 0; count -= len, u += len ) {
+	for( ; u < end; u += len ) {
 		/* get the length indicated by the first byte */
 		len = LDAP_UTF8_CHARLEN2( u, len );
 
@@ -1827,7 +1826,7 @@ UTF8StringValidate(
 		if( LDAP_UTF8_OFFSET( (char *)u ) != len ) return LDAP_INVALID_SYNTAX;
 	}
 
-	if( count != 0 ) {
+	if( u > end ) {
 		return LDAP_INVALID_SYNTAX;
 	}
 
@@ -2681,8 +2680,10 @@ integerIndexer(
 				itmp.bv_len = maxstrlen;
 		}
 		rc = integerVal2Key( &values[i], &keys[i], &itmp, ctx );
-		if ( rc )
+		if ( rc ) {
+			slap_sl_free( keys, ctx );
 			goto func_leave;
+		}
 	}
 	*keysp = keys;
 func_leave:
@@ -2729,12 +2730,16 @@ integerFilter(
 	}
 
 	rc = integerVal2Key( value, keys, &iv, ctx );
-	if ( rc == 0 )
-		*keysp = keys;
 
 	if ( iv.bv_val != ibuf ) {
 		slap_sl_free( iv.bv_val, ctx );
 	}
+
+	if ( rc == 0 )
+		*keysp = keys;
+	else
+		slap_sl_free( keys, ctx );
+
 	return rc;
 }
 
@@ -3310,6 +3315,7 @@ serialNumberAndIssuerCheck(
 					}
 					if ( is->bv_val[is->bv_len+1] == '"' ) {
 						/* double dquote */
+						numdquotes++;
 						is->bv_len += 2;
 						continue;
 					}
@@ -3713,12 +3719,14 @@ certificateExactNormalize(
 	tag = ber_skip_tag( ber, &len );	/* SignatureAlg */
 	ber_skip_data( ber, len );
 	tag = ber_peek_tag( ber, &len );	/* IssuerDN */
-	len = ber_ptrlen( ber );
-	bvdn.bv_val = val->bv_val + len;
-	bvdn.bv_len = val->bv_len - len;
+	if ( len ) {
+		len = ber_ptrlen( ber );
+		bvdn.bv_val = val->bv_val + len;
+		bvdn.bv_len = val->bv_len - len;
 
-	rc = dnX509normalize( &bvdn, &issuer_dn );
-	if ( rc != LDAP_SUCCESS ) goto done;
+		rc = dnX509normalize( &bvdn, &issuer_dn );
+		if ( rc != LDAP_SUCCESS ) goto done;
+	}
 
 	normalized->bv_len = STRLENOF( "{ serialNumber , issuer rdnSequence:\"\" }" )
 		+ sn2.bv_len + issuer_dn.bv_len;
@@ -3885,6 +3893,7 @@ issuerAndThisUpdateCheck(
 				}
 				if ( is->bv_val[is->bv_len+1] == '"' ) {
 					/* double dquote */
+					numdquotes++;
 					is->bv_len += 2;
 					continue;
 				}
@@ -4427,6 +4436,7 @@ serialNumberAndIssuerSerialCheck(
 						}
 						if ( is->bv_val[is->bv_len + 1] == '"' ) {
 							/* double dquote */
+							numdquotes++;
 							is->bv_len += 2;
 							continue;
 						}