From: Hallvard Furuseth Date: Mon, 11 Jul 2005 18:56:50 +0000 (+0000) Subject: fp_parse_line(): X-Git-Tag: OPENLDAP_AC_BP~420 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=ba5305eea47500d3e83ceef95ae335a709a57e83;p=openldap fp_parse_line(): * More slapd.conf-keywords with passwords to log as " ***": "syncrepl" (in slapd), "acl-bind", "acl-method", "idassert-bind" (in back-ldap), "acl-passwd" (in back-). * When no tokens, i = -1 initialization caused out-of-bounds access. * Handle initial argc == argv_size (e.g. 0). --- diff --git a/servers/slapd/config.c b/servers/slapd/config.c index 024e12d3bc..aaa47146a9 100644 --- a/servers/slapd/config.c +++ b/servers/slapd/config.c @@ -1083,9 +1083,16 @@ static int fp_parse_line(ConfigArgs *c) { char *token; - char *hide[] = { "rootpw", "replica", "bindpw", "pseudorootpw", "dbpasswd", '\0' }; + static char *const hide[] = { + "rootpw", "replica", "syncrepl", /* in slapd */ + "acl-bind", "acl-method", "idassert-bind", /* in back-ldap */ + "acl-passwd", "bindpw", /* in back- */ + "pseudorootpw", /* in back-meta */ + "dbpasswd", /* in back-sql */ + NULL + }; char *quote_ptr; - int i = -1; + int i = (int)(sizeof(hide)/sizeof(hide[0])) - 1; c->tline = ch_strdup(c->line); token = strtok_quote(c->tline, " \t", "e_ptr); @@ -1096,8 +1103,8 @@ fp_parse_line(ConfigArgs *c) hide[i] ? hide[i] : c->line, hide[i] ? " ***" : ""); if(quote_ptr) *quote_ptr = '\0'; - for(; token; token = strtok_quote(NULL, " \t", "e_ptr)) { - if(c->argc == c->argv_size - 1) { + for(;; token = strtok_quote(NULL, " \t", "e_ptr)) { + if(c->argc >= c->argv_size) { char **tmp; tmp = ch_realloc(c->argv, (c->argv_size + ARGS_STEP) * sizeof(*c->argv)); if(!tmp) { @@ -1107,6 +1114,8 @@ fp_parse_line(ConfigArgs *c) c->argv = tmp; c->argv_size += ARGS_STEP; } + if(token == NULL) + break; c->argv[c->argc++] = token; } c->argv[c->argc] = NULL;