From: Quanah Gibson-Mount <quanah@openldap.org>
Date: Wed, 3 Sep 2008 02:05:01 +0000 (+0000)
Subject: ITS#5581 fix
X-Git-Tag: OPENLDAP_REL_ENG_2_4_12~98
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=1e02ef615bcba17f3f7603d2d4218d53457a4f8d;p=openldap

ITS#5581 fix
---

diff --git a/CHANGES b/CHANGES
index bbf2c9a314..04db6fee6a 100644
--- a/CHANGES
+++ b/CHANGES
@@ -14,6 +14,7 @@ OpenLDAP 2.4.12 Engineering
 	Fixed slapo-memberof internal operations DN (ITS#5622)
 	Fixed slapo-rwm callback cleanup (ITS#5601)
 	Fixed slapo-rwm attr mapping and merging (ITS#5624)
+	Fixed slapo-unique filter validation (ITS#5581)
 	Build Environment
 		Fixed ODBC library detection (ITS#5602)
 	Documentation
diff --git a/servers/slapd/overlays/unique.c b/servers/slapd/overlays/unique.c
index af39de3ab2..0f6479b2a7 100644
--- a/servers/slapd/overlays/unique.c
+++ b/servers/slapd/overlays/unique.c
@@ -239,6 +239,7 @@ unique_new_domain_uri ( unique_domain_uri **urip,
 
 	if (url_desc->lud_filter) {
 		Filter *f = str2filter( url_desc->lud_filter );
+		char *ptr;
 		if ( !f ) {
 			snprintf( c->cr_msg, sizeof( c->cr_msg ),
 				  "unique: bad filter");
@@ -248,6 +249,14 @@ unique_new_domain_uri ( unique_domain_uri **urip,
 		/* make sure the strfilter is in normal form (ITS#5581) */
 		filter2bv( f, &uri->filter );
 		filter_free( f );
+		ptr = strstr( uri->filter.bv_val, "(?=" /*)*/ );
+		if ( ptr != NULL && ptr <= ( uri->filter.bv_val - STRLENOF( "(?=" /*)*/ ) + uri->filter.bv_len ) )
+		{
+			snprintf( c->cr_msg, sizeof( c->cr_msg ),
+				  "unique: bad filter");
+			rc = ARG_BAD_CONF;
+			goto exit;
+		}
 	}
 exit:
 	uri->next = *urip;
@@ -406,6 +415,14 @@ unique_cf_base( ConfigArgs *c )
 			rc = ARG_BAD_CONF;
 			break;
 		}
+		if ( be->be_nsuffix == NULL ) {
+			snprintf( c->cr_msg, sizeof( c->cr_msg ),
+				  "suffix must be set" );
+			Debug ( LDAP_DEBUG_CONFIG, "unique config: %s\n",
+				c->cr_msg, NULL, NULL );
+			rc = ARG_BAD_CONF;
+			break;
+		}
 		if ( !dnIsSuffix ( &c->value_ndn,
 				   &be->be_nsuffix[0] ) ) {
 			snprintf( c->cr_msg, sizeof( c->cr_msg ),
@@ -959,6 +976,13 @@ unique_search(
 	Debug(LDAP_DEBUG_TRACE, "==> unique_search %s\n", key, 0, 0);
 
 	nop->ors_filter = str2filter_x(nop, key->bv_val);
+	if(nop->ors_filter == NULL) {
+		op->o_bd->bd_info = (BackendInfo *) on->on_info;
+		send_ldap_error(op, rs, LDAP_OTHER,
+			"unique_search invalid filter");
+		return(rs->sr_err);
+	}
+
 	nop->ors_filterstr = *key;
 
 	cb.sc_response	= (slap_response*)count_attr_cb;