hex digits need to be in pairs (ITS#6652)

diff --git a/servers/slapd/overlays/accesslog.c b/servers/slapd/overlays/accesslog.c
index af35ac1332a2a692522c8331d3a29c31de22f7b0..8522c5e4a46e284b4dc50b742d1b907389d2c9a0 100644 (file)
--- a/servers/slapd/overlays/accesslog.c
+++ b/servers/slapd/overlays/accesslog.c
@@ -1051,6 +1051,8 @@ logSchemaControlValidate(
        /* extract and check controlValue */
        if ( strncasecmp( &val.bv_val[ i ], "controlValue ", STRLENOF( "controlValue " ) ) == 0 )
        {
+               ber_len_t valueStart, valueLen;
+
                i += STRLENOF( "controlValue " );
                for ( ; i < val.bv_len; i++ ) {
                        if ( !ASCII_SPACE( val.bv_val[ i ] ) ) {
@@ -1066,7 +1068,10 @@ logSchemaControlValidate(
                        return LDAP_INVALID_SYNTAX;
                }
 
-               for ( i++; i < val.bv_len; i++ ) {
+               i++;
+               valueStart = i;
+
+               for ( ; i < val.bv_len; i++ ) {
                        if ( val.bv_val[ i ] == '"' ) {
                                break;
                        }
@@ -1080,6 +1085,11 @@ logSchemaControlValidate(
                        return LDAP_INVALID_SYNTAX;
                }
 
+               valueLen = i - valueStart;
+               if ( (valueLen/2)*2 != valueLen ) {
+                       return LDAP_INVALID_SYNTAX;
+               }
+
                for ( i++; i < val.bv_len; i++ ) {
                        if ( !ASCII_SPACE( val.bv_val[ i ] ) ) {
                                break;