Make accessmask2str reentrant.

diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c
index fcd202b1506d2213c4b91d2779a2742960c5c5c3..e324182bac44ff630d51eacf1aed04b688196f21 100644 (file)
--- a/servers/slapd/acl.c
+++ b/servers/slapd/acl.c
@@ -68,6 +68,7 @@ access_allowed(
 {
        int                             count;
        AccessControl   *a;
+       char accessmaskbuf[ACCESSMASK_MAXLEN];
        slap_access_mask_t mask;
        slap_control_t control;
 
@@ -171,7 +172,7 @@ access_allowed(
                "=> access_allowed: %s access %s by %s\n",
                access2str( access ),
                ACL_GRANT(mask, access) ? "granted" : "denied",
-               accessmask2str( mask ) );
+               accessmask2str( mask, accessmaskbuf ) );
 
        return ACL_GRANT(mask, access);
 }
@@ -195,7 +196,6 @@ acl_get(
 )
 {
        AccessControl   *next;
-
        assert( e != NULL );
        assert( count != NULL );
 
@@ -277,6 +277,7 @@ acl_mask(
 {
        int             i;
        Access  *b;
+       char accessmaskbuf[ACCESSMASK_MAXLEN];
 
        assert( a != NULL );
        assert( mask != NULL );
@@ -289,7 +290,7 @@ acl_mask(
                "=> acl_mask: to value \"%s\" by \"%s\", (%s) \n",
                val ? val->bv_val : "*",
                op->o_ndn ?  op->o_ndn : "",
-               accessmask2str( *mask ) );
+               accessmask2str( *mask, accessmaskbuf ) );
 
        for ( i = 1, b = a->acl_access; b != NULL; b = b->a_next, i++ ) {
                slap_access_mask_t oldmask, modmask;
@@ -482,7 +483,7 @@ acl_mask(
 
                Debug( LDAP_DEBUG_ACL,
                        "<= acl_mask: [%d] applying %s (%s)\n",
-                       i, accessmask2str( modmask ), 
+                       i, accessmask2str( modmask, accessmaskbuf ), 
                        b->a_type == ACL_CONTINUE
                                ? "continue"
                                : b->a_type == ACL_BREAK
@@ -512,8 +513,8 @@ acl_mask(
                }
 
                Debug( LDAP_DEBUG_ACL,
-                       "<= acl_mask: [%d] old: %s new: %s\n",
-                       i, accessmask2str(oldmask), accessmask2str(*mask));
+                       "<= acl_mask: [%d] mask: %s\n",
+                       i, accessmask2str(*mask, accessmaskbuf), 0 );
 
                if( b->a_type == ACL_CONTINUE ) {
                        continue;
@@ -528,7 +529,7 @@ acl_mask(
 
        Debug( LDAP_DEBUG_ACL,
                "<= acl_mask: no more <who> clauses, returning %s (stop)\n",
-               accessmask2str(*mask), 0, 0 );
+               accessmask2str(*mask, accessmaskbuf), 0, 0 );
        return ACL_STOP;
 }
 
@@ -984,6 +985,7 @@ string_expand(
 
        size = 0;
        newbuf[0] = '\0';
+       bufsiz--; /* leave space for lone $ */
 
        flag = 0;
        for ( dp = newbuf, sp = pat; size < bufsiz && *sp ; sp++) {
@@ -1017,6 +1019,13 @@ string_expand(
                        }
                }
        }
+
+       if (flag) {
+               /* must have ended with a single $ */
+               *dp++ = '$';
+               size++;
+       }
+
        *dp = '\0';
 
        Debug( LDAP_DEBUG_TRACE, "=> string_expand: pattern:  %s\n", pat, 0, 0 );

diff --git a/servers/slapd/aclparse.c b/servers/slapd/aclparse.c
index afc120b680210685844affb62205960d67cee8f1..8c7ca3ed0040cfa7709c968a8a58feece07b9a65 100644 (file)
--- a/servers/slapd/aclparse.c
+++ b/servers/slapd/aclparse.c
@@ -469,11 +469,12 @@ parse_acl(
 }
 
 char *
-accessmask2str( slap_access_mask_t mask )
+accessmask2str( slap_access_mask_t mask, char *buf )
 {
-       static char     buf[sizeof("unknown (+wrscan)")]; 
        int none=1;
 
+       assert( buf != NULL );
+
        if ( ACL_IS_INVALID( mask ) ) {
                return "invalid";
        }
@@ -689,6 +690,8 @@ acl_append( AccessControl **l, AccessControl *a )
 static void
 print_access( Access *b )
 {
+       char maskbuf[ACCESSMASK_MAXLEN];
+
        fprintf( stderr, "\tby" );
 
        if ( b->a_dn_pat != NULL ) {
@@ -743,7 +746,7 @@ print_access( Access *b )
 
        fprintf( stderr, " %s%s",
                b->a_dn_self ? "self" : "",
-               accessmask2str( b->a_mask ) );
+               accessmask2str( b->a_mask, maskbuf ) );
 
        if( b->a_type == ACL_BREAK ) {
                fprintf( stderr, " break" );

diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h
index f676bc0e16f3466f62ab46ca9e9077c34ae3006d..928cfc2d34ec9d4adad42db8eda61f590529f934 100644 (file)
--- a/servers/slapd/proto-slap.h
+++ b/servers/slapd/proto-slap.h
@@ -38,7 +38,8 @@ void parse_acl LDAP_P(( Backend *be,
 char * access2str LDAP_P(( slap_access_t access ));
 slap_access_t str2access LDAP_P(( const char *str ));
 
-char * accessmask2str LDAP_P(( slap_access_mask_t mask ));
+#define ACCESSMASK_MAXLEN      sizeof("unknown (+wrscan)")
+char * accessmask2str LDAP_P(( slap_access_mask_t mask, char* ));
 slap_access_mask_t str2accessmask LDAP_P(( const char *str ));
 
 /*