From c1a31ac9a2d7a559216053cdc83e676913f125b7 Mon Sep 17 00:00:00 2001
From: Kurt Zeilenga
Date: Sun, 12 Dec 1999 03:16:46 +0000
Subject: [PATCH] Fix decoding of sasl bind and extended operation responses.

---
 libraries/libldap/extended.c | 21 ++++++++++-----
 libraries/libldap/sasl.c | 51 ++++++++++++++++++++++--------------
 2 files changed, 47 insertions(+), 25 deletions(-)

diff --git a/libraries/libldap/extended.c b/libraries/libldap/extended.c
index fe6f549f22..a24d944ee8 100644
--- a/libraries/libldap/extended.c
+++ b/libraries/libldap/extended.c
@@ -189,8 +189,6 @@ ldap_parse_extended_result (
  if( retoidp != NULL ) *retoidp = NULL;
  if( retdatap != NULL ) *retdatap = NULL;
 
- ber = ber_dup( res->lm_ber );
-
  if ( ld->ld_error ) {
  LDAP_FREE( ld->ld_error );
  ld->ld_error = NULL;
@@ -201,6 +199,13 @@ ldap_parse_extended_result (
  ld->ld_matched = NULL;
  }
 
+ ber = ber_dup( res->lm_ber );
+
+ if ( ber == NULL ) {
+ ld->ld_errno = LDAP_NO_MEMORY;
+ return ld->ld_errno;
+ }
+
  rc = ber_scanf( ber, "{iaa" /*}*/,
  &errcode, &ld->ld_matched, &ld->ld_error );
 
@@ -217,11 +222,13 @@ ldap_parse_extended_result (
 
  if( tag == LDAP_TAG_REFERRAL ) {
  /* skip over referral */
- tag = ber_scanf( ber, "x" );
-
- if( tag != LBER_ERROR ) {
- tag = ber_peek_tag( ber, &len );
+ if( ber_scanf( ber, "x" ) == LBER_ERROR ) {
+ ld->ld_errno = LDAP_DECODING_ERROR;
+ ber_free( ber, 0 );
+ return ld->ld_errno;
  }
+
+ tag = ber_peek_tag( ber, &len );
  }
 
  if( tag == LDAP_TAG_EXOP_RES_OID ) {
@@ -245,6 +252,8 @@ ldap_parse_extended_result (
  }
  }
 
+ ber_free( ber, 0 );
+
  if( retoidp != NULL ) {
  *retoidp = resoid;
  } else {
diff --git a/libraries/libldap/sasl.c b/libraries/libldap/sasl.c
index a397288c4d..81a97dd593 100644
--- a/libraries/libldap/sasl.c
+++ b/libraries/libldap/sasl.c
@@ -264,7 +264,6 @@ ldap_parse_sasl_bind_result(
  return ld->ld_errno;
  }
 
- errcode = LDAP_SUCCESS;
  scred = NULL;
 
  if ( ld->ld_error ) {
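Review bot: The `ber_free( ber, 0 )` calls added in libraries/libldap/extended.c (the decoding-error return in the hunk at +222 and the common exit in the hunk at +252) have no comment saying why the second argument must stay 0. `ber` comes from `ber_dup( res->lm_ber )`, which as far as I know is a shallow copy that shares the message's buffer, so a later change to a non-zero argument would release memory that `res` still owns and lead to a double free when the message is freed. I would add `/* 0: ber shares res->lm_ber's buffer (ber_dup); release only the BerElement */` above the first call. ldap_parse_extended_result begins and ends outside these hunks, so the other return paths could not be checked for a matching `ber_free`.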
@@ -280,55 +279,69 @@ ldap_parse_sasl_bind_result(
 
  ber = ber_dup( res->lm_ber );
 
+ if( ber == NULL ) {
+ ld->ld_errno = LDAP_NO_MEMORY;
+ return ld->ld_errno;
+ }
+
  if ( ld->ld_version < LDAP_VERSION2 ) {
  tag = ber_scanf( ber, "{ia}",
  &errcode, &ld->ld_error );
 
+ if( tag == LBER_ERROR ) {
+ ber_free( ber, 0 );
+ ld->ld_errno = LDAP_DECODING_ERROR;
+ return ld->ld_errno;
+ }
+
  } else {
  ber_len_t len;
 
  tag = ber_scanf( ber, "{iaa" /*}*/,
  &errcode, &ld->ld_matched, &ld->ld_error );
 
- if( tag != LBER_ERROR ) {
- tag = ber_peek_tag(ber, &len);
+ if( tag == LBER_ERROR ) {
+ ber_free( ber, 0 );
+ ld->ld_errno = LDAP_DECODING_ERROR;
+ return ld->ld_errno;
  }
 
+ tag = ber_peek_tag(ber, &len);
+
  if( tag == LDAP_TAG_REFERRAL ) {
  /* skip 'em */
- tag = ber_scanf( ber, "x" );
-
- if( tag != LBER_ERROR ) {
- tag = ber_peek_tag(ber, &len);
+ if( ber_scanf( ber, "x" ) == LBER_ERROR ) {
+ ber_free( ber, 0 );
+ ld->ld_errno = LDAP_DECODING_ERROR;
+ return ld->ld_errno;
  }
+
+ tag = ber_peek_tag(ber, &len);
  }
 
- /* need to clean out misc items */
  if( tag == LDAP_TAG_SASL_RES_CREDS ) {
- tag = ber_scanf( ber, "O", &scred );
+ if( ber_scanf( ber, "O", &scred ) == LBER_ERROR ) {
+ ber_free( ber, 0 );
+ ld->ld_errno = LDAP_DECODING_ERROR;
+ return ld->ld_errno;
+ }
  }
  }
 
- if ( tag == LBER_ERROR ) {
- errcode = LDAP_DECODING_ERROR;
- }
-
- if( ber != NULL ) {
- ber_free( ber, 0 );
- }
+ ber_free( ber, 0 );
 
- /* return */
- if ( errcode == LDAP_SUCCESS && servercredp != NULL ) {
+ if ( servercredp != NULL ) {
  *servercredp = scred;
 
  } else if ( scred != NULL ) {
  ber_bvfree( scred );
  }
 
+ ld->ld_errno = errcode;
+
  if ( freeit ) {
  ldap_msgfree( res );
  }
 
- ld->ld_errno = errcode;
  return( ld->ld_errno );
  }
-- 
2.39.5
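Review bot: Every early `return ld->ld_errno;` added in ldap_parse_sasl_bind_result (the `ber == NULL` case and the four `LDAP_DECODING_ERROR` cases) leaves before the `if ( freeit ) { ldap_msgfree( res ); }` block at the end of the hunk, so a caller that passed a non-zero `freeit` is left with an unfreed `res` whenever decoding fails. The bytes being decoded come from the server, so a peer that keeps sending malformed bind responses could make a long-running client leak one message per attempt, unless the intended contract is that the caller frees `res` itself on error. Either state that contract in a comment above the function or add `if ( freeit ) ldap_msgfree( res );` before each of those returns. The early returns added in extended.c may have the same gap if that function also takes `freeit`; its tail, like the opening lines of this function, is outside the hunks shown.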