[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#6353) berval->string conversions ignore \0



I wrote:
> Conversion from a binary blob (struct berval*, BerElement read)
> to a char* string typically just grabs bv.bv_val even when the
> value may contain embedded '\0's.
> 
> In these cases, correct operation may require that the conversion
> fails if bv_len != (bv_val ? strlen(bv_val) : 0).  Or if bv_val is
> not \0-terminated, to check if memchr(bv_val, '\0', bv_len) == NULL.
> 
> Examples: liblber/decode.c:
> ber_get_stringa, ber_get_stringb, ber_get_bitstringa, ber_scanf "aAv"

decode.c now rejects embedded NUL bytes in cases where we do not save
the length anywhere.  However it accepts terminating NUL bytes, which
AD can send at least in diagonsticMessage:
   http://www.openldap.org/lists/openldap-devel/200911/msg00001.html

-- 
Hallvard