From c9778dd116308b24a7206e06f65c6b537a562b8f Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Thu, 22 Jul 1999 19:06:56 +0000 Subject: [PATCH] Implement better DN checking... make sure attribute type is an OID or a proper type string (letter followed by 0 or more alnum/-). --- servers/slapd/dn.c | 50 +++++++++++++++++++++++++++++++++--------- servers/slapd/modrdn.c | 2 +- servers/slapd/slap.h | 16 ++++++++++++++ 3 files changed, 57 insertions(+), 11 deletions(-) diff --git a/servers/slapd/dn.c b/servers/slapd/dn.c index a04cacfba9..cb356d0639 100644 --- a/servers/slapd/dn.c +++ b/servers/slapd/dn.c @@ -13,12 +13,13 @@ #define B4LEADTYPE 0 #define B4TYPE 1 -#define INTYPE 2 -#define B4EQUAL 3 -#define B4VALUE 4 -#define INVALUE 5 -#define INQUOTEDVALUE 6 -#define B4SEPARATOR 7 +#define INOIDTYPE 2 +#define INKEYTYPE 3 +#define B4EQUAL 4 +#define B4VALUE 5 +#define INVALUE 6 +#define INQUOTEDVALUE 7 +#define B4SEPARATOR 8 /* * dn_normalize - put dn into a canonical format. the dn is @@ -37,21 +38,47 @@ dn_normalize( char *dn ) switch ( state ) { case B4LEADTYPE: case B4TYPE: - if ( ! SPACE( *s ) ) { - state = INTYPE; + if ( LEADOIDCHAR(*s) ) { + state = INOIDTYPE; + *d++ = *s; + } else if ( LEADKEYCHAR(*s) ) { + state = INKEYTYPE; + *d++ = *s; + } else if ( ! SPACE( *s ) ) { + dn = NULL; + state = INKEYTYPE; *d++ = *s; } break; - case INTYPE: - if ( *s == '=' ) { + + case INOIDTYPE: + if ( OIDCHAR(*s) ) { + *d++ = *s; + } else if ( *s == '=' ) { state = B4VALUE; *d++ = *s; } else if ( SPACE( *s ) ) { state = B4EQUAL; } else { + dn = NULL; *d++ = *s; } break; + + case INKEYTYPE: + if ( KEYCHAR(*s) ) { + *d++ = *s; + } else if ( *s == '=' ) { + state = B4VALUE; + *d++ = *s; + } else if ( SPACE( *s ) ) { + state = B4EQUAL; + } else { + dn = NULL; + *d++ = *s; + } + break; + case B4EQUAL: if ( *s == '=' ) { state = B4VALUE; @@ -62,6 +89,7 @@ dn_normalize( char *dn ) dn = NULL; } break; + case B4VALUE: if ( *s == '"' ) { state = INQUOTEDVALUE; @@ -71,6 +99,7 @@ dn_normalize( char *dn ) *d++ = *s; } break; + case INVALUE: if ( !gotesc && SEPARATOR( *s ) ) { while ( SPACE( *(d - 1) ) ) @@ -89,6 +118,7 @@ dn_normalize( char *dn ) *d++ = *s; } break; + case INQUOTEDVALUE: if ( !gotesc && *s == '"' ) { state = B4SEPARATOR; diff --git a/servers/slapd/modrdn.c b/servers/slapd/modrdn.c index 2f559de27d..50bbaeb68a 100644 --- a/servers/slapd/modrdn.c +++ b/servers/slapd/modrdn.c @@ -194,7 +194,7 @@ do_modrdn( if( newSuperior != NULL ) { newSuperior_be = select_backend( nnewSuperior ); - if ( newSuperior != be ) { + if ( newSuperior_be != be ) { /* newSuperior is in same backend */ rc = LDAP_AFFECTS_MULTIPLE_DSAS; diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index 625890574f..2e3488f403 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -56,9 +56,25 @@ LDAP_BEGIN_DECL #define MAXREMATCHES 10 +/* XXYYZ: these macros assume 'x' is an ASCII x */ #define DNSEPARATOR(c) ((c) == ',' || (c) == ';') #define SEPARATOR(c) ((c) == ',' || (c) == ';' || (c) == '+') #define SPACE(c) ((c) == ' ' || (c) == '\n') + +#define ASCII_LOWER(c) ( (c) >= 'a' && (c) <= 'z' ) +#define ASCII_UPPER(c) ( (c) >= 'A' && (c) <= 'Z' ) +#define ASCII_ALPHA(c) ( ASCII_LOWER(c) || ASCII_UPPER(c) ) +#define ASCII_DIGIT(c) ( (c) >= '0' && (c) <= '9' ) +#define ASCII_ALNUM(c) ( ASCII_ALPHA(c) || ASCII_DIGIT(c) ) + +#define LEADKEYCHAR(c) ( ASCII_ALPHA(c) ) +#define KEYCHAR(c) ( ASCII_ALNUM(c) || (c) == '-' ) +#define LEADOIDCHAR(c) ( ASCII_DIGIT(c) ) +#define OIDCHAR(c) ( ASCII_DIGIT(c) || (c) == '.' ) + +#define LEADATTRCHAR(c) ( LEADKEYCHAR(c) || LEADOIDCHAR(c) ) +#define ATTRCHAR(c) ( KEYCHAR((c)) || (c) == '.' ) + #define NEEDSESCAPE(c) ((c) == '\\' || (c) == '"') #define SLAP_SCHERR_OUTOFMEM 1 -- 2.39.5