[Date Prev][Date Next]
Re: (ITS#5959) back-meta doesn't detect illegal values
- To: openldap-its@OpenLDAP.org
- Subject: Re: (ITS#5959) back-meta doesn't detect illegal values
- From: firstname.lastname@example.org
- Date: Fri, 20 Feb 2009 00:15:14 GMT
- Auto-submitted: auto-generated (OpenLDAP-ITS)
Pierangelo Masarati wrote:
> hyc@OpenLDAP.org wrote:
>> back-meta doesn't check the return code from the normalizer when it's
>> normalizing the values of an attribute. As such, it can leave NULL slots in
>> a->a_nvals even though a->a_vals slots are all non-NULL.
>> I was going to try just dup'ing the a->a_vals value into the slot, but I see
>> that in back-ldap for the same situation, the entire attribute is just dropped.
>> I suppose that's the safer path.
> In the spirit of doing what's best to return as much as possible,
> wouldn't it be preferable to just drop illegal values? And, of course,
> the whole attr if no legal values are left.
Looking over the code, there are some other problems. Other areas will drop
values for various reasons (e.g., mapping out objectclass values).
attr->a_numvals is set before these checks occur, and is not updated with the
correct count later.
I'll try to get some more fixes in for .15.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/