From: Kurt Zeilenga <kurt@openldap.org>
Date: Sat, 30 Sep 2000 02:37:05 +0000 (+0000)
Subject: Don't touch (unescape) URL handed to rebind proc.
X-Git-Tag: LDBM_PRE_GIANT_RWLOCK~1852
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=f8d9bffb98ba44958cb86f0541153ef6ab10fb52;p=openldap

Don't touch (unescape) URL handed to rebind proc.
---

diff --git a/libraries/libldap/request.c b/libraries/libldap/request.c
index 82be383618..b83cafba18 100644
--- a/libraries/libldap/request.c
+++ b/libraries/libldap/request.c
@@ -788,8 +788,7 @@ ldap_chase_referrals( LDAP *ld, LDAPRequest *lr, char **errstrp, int *hadrefp )
 
 	len = strlen( *errstrp );
 	for ( p = *errstrp; len >= LDAP_REF_STR_LEN; ++p, --len ) {
-		if (( *p == 'R' || *p == 'r' ) && strncasecmp( p,
-		    LDAP_REF_STR, LDAP_REF_STR_LEN ) == 0 ) {
+		if ( strncasecmp( p, LDAP_REF_STR, LDAP_REF_STR_LEN ) == 0 ) {
 			*p = '\0';
 			p += LDAP_REF_STR_LEN;
 			break;
@@ -826,6 +825,9 @@ ldap_chase_referrals( LDAP *ld, LDAPRequest *lr, char **errstrp, int *hadrefp )
 			p = NULL;
 		}
 
+		/* copy the complete referral for rebind process */
+		rinfo.ri_url = LDAP_STRDUP( ref );
+
 		ldap_pvt_hex_unescape( ref );
 		len = strlen( ref );
 
@@ -841,12 +843,11 @@ ldap_chase_referrals( LDAP *ld, LDAPRequest *lr, char **errstrp, int *hadrefp )
 			    "ignoring unknown referral <%s>\n", ref, 0, 0 );
 			rc = ldap_append_referral( ld, &unfollowed, ref );
 			*hadrefp = 1;
+			LDAP_FREE( rinfo.ri_url );
+			rinfo.ri_url = NULL;
 			continue;
 		}
 
-		/* copy the complete referral for rebind process */
-		rinfo.ri_url = LDAP_STRDUP( ref );
-
 		*hadrefp = 1;
 
 		if (( refdn = strchr( tmpref, '/' )) != NULL ) {
diff --git a/libraries/libldap/url.c b/libraries/libldap/url.c
index ccb7eca613..dc188bf813 100644
--- a/libraries/libldap/url.c
+++ b/libraries/libldap/url.c
@@ -950,10 +950,10 @@ ldap_url_search_s(
 void
 ldap_pvt_hex_unescape( char *s )
 {
-/*
-* Remove URL hex escapes from s... done in place.  The basic concept for
-* this routine is borrowed from the WWW library HTUnEscape() routine.
-*/
+	/*
+	 * Remove URL hex escapes from s... done in place.  The basic concept for
+	 * this routine is borrowed from the WWW library HTUnEscape() routine.
+	 */
 	char	*p;
 
 	for ( p = s; *s != '\0'; ++s ) {