More ITS#6353 - relent a bit: accept terminating NUL byte, which AD can send

diff --git a/include/lber.h b/include/lber.h
index 6e1a905fe4c1041a0b2503da468dfd90cee91d8b..275f6e416711ed9d255def6cfb950b23a1612782 100644 (file)
--- a/include/lber.h
+++ b/include/lber.h
@@ -279,6 +279,9 @@ ber_get_stringb LDAP_P((
 #define        LBER_BV_ALLOC   0x01    /* allocate/copy result, otherwise in-place */
 #define        LBER_BV_NOTERM  0x02    /* omit NUL-terminator if parsing in-place */
 #define        LBER_BV_STRING  0x04    /* fail if berval contains embedded \0 */
+/* LBER_BV_STRING currently accepts a terminating \0 in the berval, because
+ * Active Directory sends that in at least the diagonsticMessage field.
+ */
 
 LBER_F( ber_tag_t )
 ber_get_stringbv LDAP_P((

diff --git a/libraries/liblber/decode.c b/libraries/liblber/decode.c
index 151a188f6ff63dcfc487dbe082cda12f919ac2b8..95a6b463a2b49fa20b86ad3d04d7a3fd6ba87879 100644 (file)
--- a/libraries/liblber/decode.c
+++ b/libraries/liblber/decode.c
@@ -481,7 +481,8 @@ ber_get_stringbv( BerElement *ber, struct berval *bv, int option )
 
        tag = ber_skip_element( ber, bv );
        if ( tag == LBER_DEFAULT ||
-               (( option & LBER_BV_STRING ) && memchr( bv->bv_val, 0, bv->bv_len )))
+               (( option & LBER_BV_STRING ) &&
+                bv->bv_len && memchr( bv->bv_val, 0, bv->bv_len - 1 )))
        {
                bv->bv_val = NULL;
                return LBER_DEFAULT;
@@ -518,7 +519,9 @@ ber_get_stringbv_null( BerElement *ber, struct berval *bv, int option )
                return tag;
        }
 
-       if (( option & LBER_BV_STRING ) && memchr( bv->bv_val, 0, bv->bv_len )) {
+       if (( option & LBER_BV_STRING ) &&
+               memchr( bv->bv_val, 0, bv->bv_len - 1 ))
+       {
                bv->bv_val = NULL;
                return LBER_DEFAULT;
        }