]> git.sur5r.net Git - openldap/commitdiff
projects / openldap / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0f2f4f3)
fp_parse_line():
authorHallvard Furuseth <hallvard@openldap.org>
Mon, 11 Jul 2005 18:56:50 +0000 (18:56 +0000)
committerHallvard Furuseth <hallvard@openldap.org>
Mon, 11 Jul 2005 18:56:50 +0000 (18:56 +0000)
* More slapd.conf-keywords with passwords to log as "<keyword> ***":
  "syncrepl" (in slapd), "acl-bind", "acl-method", "idassert-bind"
  (in back-ldap), "acl-passwd" (in back-<ldap/meta>).
* When no tokens, i = -1 initialization caused out-of-bounds access.
* Handle initial argc == argv_size (e.g. 0).

servers/slapd/config.c patch | blob | history

diff --git a/servers/slapd/config.c b/servers/slapd/config.c
index 024e12d3bcf54cc521c1319cd33c69368598234b..aaa47146a9b403465a8074186cd8480b4f8b9723 100644 (file)
--- a/servers/slapd/config.c
+++ b/servers/slapd/config.c
@@ -1083,9 +1083,16 @@ static int
 fp_parse_line(ConfigArgs *c)
 {
        char *token;
-       char *hide[] = { "rootpw", "replica", "bindpw", "pseudorootpw", "dbpasswd", '\0' };
+       static char *const hide[] = {
+               "rootpw", "replica", "syncrepl",  /* in slapd */
+               "acl-bind", "acl-method", "idassert-bind",  /* in back-ldap */
+               "acl-passwd", "bindpw",  /* in back-<ldap/meta> */
+               "pseudorootpw",  /* in back-meta */
+               "dbpasswd",  /* in back-sql */
+               NULL
+       };
        char *quote_ptr;
-       int i = -1;
+       int i = (int)(sizeof(hide)/sizeof(hide[0])) - 1;
 
        c->tline = ch_strdup(c->line);
        token = strtok_quote(c->tline, " \t", &quote_ptr);
@@ -1096,8 +1103,8 @@ fp_parse_line(ConfigArgs *c)
                hide[i] ? hide[i] : c->line, hide[i] ? " ***" : "");
        if(quote_ptr) *quote_ptr = '\0';
 
-       for(; token; token = strtok_quote(NULL, " \t", &quote_ptr)) {
-               if(c->argc == c->argv_size - 1) {
+       for(;; token = strtok_quote(NULL, " \t", &quote_ptr)) {
+               if(c->argc >= c->argv_size) {
                        char **tmp;
                        tmp = ch_realloc(c->argv, (c->argv_size + ARGS_STEP) * sizeof(*c->argv));
                        if(!tmp) {
@@ -1107,6 +1114,8 @@ fp_parse_line(ConfigArgs *c)
                        c->argv = tmp;
                        c->argv_size += ARGS_STEP;
                }
+               if(token == NULL)
+                       break;
                c->argv[c->argc++] = token;
        }
        c->argv[c->argc] = NULL;
Cloned from git://git.openldap.org/openldap.git