From 03dbc30deb6c0d68f37f68a22fb46442d687b654 Mon Sep 17 00:00:00 2001 From: Howard Chu Date: Tue, 26 Dec 2006 04:51:08 +0000 Subject: [PATCH] Use temporary AttributeDescriptions to prevent unbounded growth --- servers/slapd/ad.c | 18 ++++++++++++++++++ servers/slapd/ava.c | 9 +++++++-- servers/slapd/filter.c | 35 ++++++++++++++++++++++++----------- servers/slapd/mra.c | 8 ++++++-- servers/slapd/proto-slap.h | 4 ++++ servers/slapd/slap.h | 1 + 6 files changed, 60 insertions(+), 15 deletions(-) diff --git a/servers/slapd/ad.c b/servers/slapd/ad.c index c9601a3a10..72808e851b 100644 --- a/servers/slapd/ad.c +++ b/servers/slapd/ad.c @@ -773,6 +773,24 @@ int slap_bv2undef_ad( return LDAP_SUCCESS; } +AttributeDescription * +slap_bv2tmp_ad( + struct berval *bv, + void *memctx ) +{ + AttributeDescription *ad = + slap_sl_mfuncs.bmf_malloc( sizeof(AttributeDescription) + + bv->bv_len + 1, memctx ); + + ad->ad_cname.bv_val = (char *)(ad+1); + strncpy( ad->ad_cname.bv_val, bv->bv_val, bv->bv_len+1 ); + ad->ad_cname.bv_len = bv->bv_len; + ad->ad_flags = SLAP_DESC_TEMPORARY; + ad->ad_type = slap_schema.si_at_undefined; + + return ad; +} + static int undef_promote( AttributeType *at, diff --git a/servers/slapd/ava.c b/servers/slapd/ava.c index 653675fd22..a815c16365 100644 --- a/servers/slapd/ava.c +++ b/servers/slapd/ava.c @@ -48,6 +48,8 @@ ava_free( nibble_mem_free ( ava->aa_cf->cf_ca->ca_comp_data.cd_mem_op ); #endif op->o_tmpfree( ava->aa_value.bv_val, op->o_tmpmemctx ); + if ( ava->aa_desc->ad_flags & SLAP_DESC_TEMPORARY ) + op->o_tmpfree( ava->aa_desc, op->o_tmpmemctx ); if ( freeit ) op->o_tmpfree( (char *) ava, op->o_tmpmemctx ); } @@ -87,12 +89,15 @@ get_ava( if( rc != LDAP_SUCCESS ) { f->f_choice |= SLAPD_FILTER_UNDEFINED; *text = NULL; - rc = slap_bv2undef_ad( &type, &aa->aa_desc, text, SLAP_AD_PROXIED); + rc = slap_bv2undef_ad( &type, &aa->aa_desc, text, + SLAP_AD_PROXIED|SLAP_AD_NOINSERT ); if( rc != LDAP_SUCCESS ) { Debug( LDAP_DEBUG_FILTER, "get_ava: unknown attributeType %s\n", type.bv_val, 0, 0 ); - op->o_tmpfree( aa, op->o_tmpmemctx ); + aa->aa_desc = slap_bv2tmp_ad( &type, op->o_tmpmemctx ); + ber_dupbv_x( &aa->aa_value, &value, op->o_tmpmemctx ); + f->f_ava = aa; return rc; } } diff --git a/servers/slapd/filter.c b/servers/slapd/filter.c index 2c6274430e..c1aa9acbc6 100644 --- a/servers/slapd/filter.c +++ b/servers/slapd/filter.c @@ -167,7 +167,9 @@ get_filter( if( err != LDAP_SUCCESS ) { f.f_choice |= SLAPD_FILTER_UNDEFINED; - err = slap_bv2undef_ad( &type, &f.f_desc, text, SLAP_AD_PROXIED); + err = slap_bv2undef_ad( &type, &f.f_desc, text, + SLAP_AD_PROXIED|SLAP_AD_NOINSERT ); + if ( err != LDAP_SUCCESS ) { /* unrecognized attribute description or other error */ Debug( LDAP_DEBUG_ANY, @@ -176,6 +178,7 @@ get_filter( op->o_connid, type.bv_val, err ); err = LDAP_SUCCESS; + f.f_desc = slap_bv2tmp_ad( &type, op->o_tmpmemctx ); } *text = NULL; } @@ -344,19 +347,15 @@ get_ssa( if( rc != LDAP_SUCCESS ) { f->f_choice |= SLAPD_FILTER_UNDEFINED; - rc = slap_bv2undef_ad( &desc, &ssa.sa_desc, text, SLAP_AD_PROXIED); + rc = slap_bv2undef_ad( &desc, &ssa.sa_desc, text, + SLAP_AD_PROXIED|SLAP_AD_NOINSERT ); + if( rc != LDAP_SUCCESS ) { Debug( LDAP_DEBUG_ANY, "get_ssa: conn %lu unknown attribute type=%s (%ld)\n", op->o_connid, desc.bv_val, (long) rc ); - /* skip over the rest of this filter */ - for ( tag = ber_first_element( ber, &len, &last ); - tag != LBER_DEFAULT; - tag = ber_next_element( ber, &len, last ) ) { - ber_scanf( ber, "x" ); - } - return rc; + ssa.sa_desc = slap_bv2tmp_ad( &desc, op->o_tmpmemctx ); } } @@ -449,6 +448,8 @@ return_error: (long) rc, 0, 0 ); slap_sl_free( ssa.sa_initial.bv_val, op->o_tmpmemctx ); ber_bvarray_free_x( ssa.sa_any, op->o_tmpmemctx ); + if ( ssa.sa_desc->ad_flags & SLAP_DESC_TEMPORARY ) + op->o_tmpfree( ssa.sa_desc, op->o_tmpmemctx ); slap_sl_free( ssa.sa_final.bv_val, op->o_tmpmemctx ); return rc; } @@ -495,6 +496,8 @@ filter_free_x( Operation *op, Filter *f ) if ( f->f_sub_final.bv_val != NULL ) { op->o_tmpfree( f->f_sub_final.bv_val, op->o_tmpmemctx ); } + if ( f->f_sub->sa_desc->ad_flags & SLAP_DESC_TEMPORARY ) + op->o_tmpfree( f->f_sub->sa_desc, op->o_tmpmemctx ); op->o_tmpfree( f->f_sub, op->o_tmpmemctx ); break; @@ -804,7 +807,10 @@ filter_dup( Filter *f, void *memctx ) n->f_result = f->f_result; break; case LDAP_FILTER_PRESENT: - n->f_desc = f->f_desc; + if ( f->f_desc->ad_flags & SLAP_DESC_TEMPORARY ) + n->f_desc = slap_bv2tmp_ad( &f->f_desc->ad_cname, memctx ); + else + n->f_desc = f->f_desc; break; case LDAP_FILTER_EQUALITY: case LDAP_FILTER_GE: @@ -813,11 +819,16 @@ filter_dup( Filter *f, void *memctx ) /* Should this be ava_dup() ? */ n->f_ava = mf->bmf_calloc( 1, sizeof(AttributeAssertion), memctx ); *n->f_ava = *f->f_ava; + if ( f->f_av_desc->ad_flags & SLAP_DESC_TEMPORARY ) + n->f_av_desc = slap_bv2tmp_ad( &f->f_av_desc->ad_cname, memctx ); ber_dupbv_x( &n->f_av_value, &f->f_av_value, memctx ); break; case LDAP_FILTER_SUBSTRINGS: n->f_sub = mf->bmf_calloc( 1, sizeof(SubstringsAssertion), memctx ); - n->f_sub_desc = f->f_sub_desc; + if ( f->f_sub_desc->ad_flags & SLAP_DESC_TEMPORARY ) + n->f_sub_desc = slap_bv2tmp_ad( &f->f_sub_desc->ad_cname, memctx ); + else + n->f_sub_desc = f->f_sub_desc; if ( !BER_BVISNULL( &f->f_sub_initial )) ber_dupbv_x( &n->f_sub_initial, &f->f_sub_initial, memctx ); if ( f->f_sub_any ) { @@ -841,6 +852,8 @@ filter_dup( Filter *f, void *memctx ) length += f->f_mr_rule_text.bv_len + 1; n->f_mra = mf->bmf_calloc( 1, length, memctx ); *n->f_mra = *f->f_mra; + if ( f->f_mr_desc && ( f->f_sub_desc->ad_flags & SLAP_DESC_TEMPORARY )) + n->f_mr_desc = slap_bv2tmp_ad( &f->f_mr_desc->ad_cname, memctx ); ber_dupbv_x( &n->f_mr_value, &f->f_mr_value, memctx ); if ( !BER_BVISNULL( &f->f_mr_rule_text )) { n->f_mr_rule_text.bv_val = (char *)(n->f_mra+1); diff --git a/servers/slapd/mra.c b/servers/slapd/mra.c index ea3d866fc1..a94bc417dc 100644 --- a/servers/slapd/mra.c +++ b/servers/slapd/mra.c @@ -41,6 +41,8 @@ mra_free( #endif /* op->o_tmpfree( mra->ma_value.bv_val, op->o_tmpmemctx ); */ ch_free( mra->ma_value.bv_val ); + if ( mra->ma_desc && mra->ma_desc->ad_flags & SLAP_DESC_TEMPORARY ) + op->o_tmpfree( mra->ma_desc, op->o_tmpmemctx ); if ( freeit ) op->o_tmpfree( (char *) mra, op->o_tmpmemctx ); } @@ -142,10 +144,12 @@ get_mra( rc = slap_bv2ad( &type, &ma.ma_desc, text ); if( rc != LDAP_SUCCESS ) { f->f_choice |= SLAPD_FILTER_UNDEFINED; - rc = slap_bv2undef_ad( &type, &ma.ma_desc, text, SLAP_AD_PROXIED); + rc = slap_bv2undef_ad( &type, &ma.ma_desc, text, + SLAP_AD_PROXIED|SLAP_AD_NOINSERT ); if( rc != LDAP_SUCCESS ) { - return rc; + ma.ma_desc = slap_bv2tmp_ad( &type, op->o_tmpmemctx ); + rc = LDAP_SUCCESS; } } } diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h index eb44ddb643..2640ca5fa8 100644 --- a/servers/slapd/proto-slap.h +++ b/servers/slapd/proto-slap.h @@ -153,6 +153,10 @@ LDAP_SLAPD_F (int) slap_bv2undef_ad LDAP_P(( const char **text, unsigned proxied )); +LDAP_SLAPD_F (AttributeDescription *) slap_bv2tmp_ad LDAP_P(( + struct berval *bv, + void *memctx )); + LDAP_SLAPD_F (int) slap_ad_undef_promote LDAP_P(( char *name, AttributeType *nat )); diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index 535c362466..95cb6c2876 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -782,6 +782,7 @@ typedef struct slap_attr_desc { #define SLAP_DESC_NONE 0x00U #define SLAP_DESC_BINARY 0x01U #define SLAP_DESC_TAG_RANGE 0x80U +#define SLAP_DESC_TEMPORARY 0x1000U } AttributeDescription; /* flags to slap_*2undef_ad to register undefined (0, the default) -- 2.39.5