From c06208527c2588a1ce9036ac4644dfe4b5e7ee2a Mon Sep 17 00:00:00 2001 From: Pierangelo Masarati Date: Sat, 19 Jun 2004 10:32:17 +0000 Subject: [PATCH] protocol only allows positive integers; check, just in case... --- servers/slapd/search.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/servers/slapd/search.c b/servers/slapd/search.c index 7f79cf6773..1783c9619f 100644 --- a/servers/slapd/search.c +++ b/servers/slapd/search.c @@ -98,6 +98,16 @@ do_search( goto return_results; } + if ( op->ors_tlimit < 0 || op->ors_tlimit > SLAP_MAX_LIMIT ) { + send_ldap_error( op, rs, LDAP_PROTOCOL_ERROR, "invalid time limit" ); + goto return_results; + } + + if ( op->ors_slimit < 0 || op->ors_slimit > SLAP_MAX_LIMIT ) { + send_ldap_error( op, rs, LDAP_PROTOCOL_ERROR, "invalid size limit" ); + goto return_results; + } + switch( op->ors_scope ) { case LDAP_SCOPE_BASE: case LDAP_SCOPE_ONELEVEL: -- 2.39.5