OpenLDAP
Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest

Viewing Software Bugs/7449
Full headers

From: tixu@cs.ucsd.edu
Subject: Signedness Conversion Issue
Compose comment
Download message
State:
0 replies:
0 followups:

Major security issue: yes  no

Notes:

Notification:


Date: Thu, 22 Nov 2012 06:01:11 +0000
From: tixu@cs.ucsd.edu
To: openldap-its@OpenLDAP.org
Subject: Signedness Conversion Issue
Full_Name: Tianyin Xu
Version: 2.4.33
OS: Ubuntu 12.04 (actually doesn't matter)
URL: 
Submission from: (NULL) (2607:f720:1300:1241:512c:f07a:5efe:8eda)


The data type of "index_substr_any_len" and "index_substr_any_step" are unsigned
int. They should share the same flag ARG_UINT as "index_substr_if_{min,max}len"

/* servers/slapd/schema_init.c */
158 unsigned int index_substr_if_minlen = SLAP_INDEX_SUBSTR_IF_MINLEN_DEFAULT;
159 unsigned int index_substr_if_maxlen = SLAP_INDEX_SUBSTR_IF_MAXLEN_DEFAULT;
160 unsigned int index_substr_any_len = SLAP_INDEX_SUBSTR_ANY_LEN_DEFAULT; 
161 unsigned int index_substr_any_step = SLAP_INDEX_SUBSTR_ANY_STEP_DEFAULT;

In the current code, they are "ARG_INT" which convert -1 to be 4294967295.

==========================PATCH=========================

@@ -399,13 +399,13 @@
        { "index_substr_if_maxlen", "max", 2, 2, 0,
ARG_UINT|ARG_NONZERO|ARG_MAGIC|CFG_SSTR_IF_MAX,
                &config_generic, "( OLcfgGlAt:21 NAME
'olcIndexSubstrIfMaxLen'
"
                        "SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
-       { "index_substr_any_len", "len", 2, 2, 0, ARG_INT|ARG_NONZERO,
+       { "index_substr_any_len", "len", 2, 2, 0, ARG_UINT|ARG_NONZERO,
                &index_substr_any_len, "( OLcfgGlAt:22 NAME
'olcIndexSubstrAnyLen' "
                        "SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
-       { "index_substr_any_step", "step", 2, 2, 0, ARG_INT|ARG_NONZERO,
+       { "index_substr_any_step", "step", 2, 2, 0, ARG_UINT|ARG_NONZERO,
                &index_substr_any_step, "( OLcfgGlAt:23 NAME
'olcIndexSubstrAnyStep' "
                        "SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
-       { "index_intlen", "len", 2, 2, 0, ARG_INT|ARG_MAGIC|CFG_IX_INTLEN,
+       { "index_intlen", "len", 2, 2, 0, ARG_UINT|ARG_MAGIC|CFG_IX_INTLEN,
                &config_generic, "( OLcfgGlAt:84 NAME 'olcIndexIntLen' "
                        "SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
        { "lastmod", "on|off", 2, 2, 0,
ARG_DB|ARG_ON_OFF|ARG_MAGIC|CFG_LASTMOD,
Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest


The OpenLDAP Issue Tracking System uses a hacked version of JitterBug

______________
© Copyright 2013, OpenLDAP Foundation, info@OpenLDAP.org