[Date Prev][Date Next] [Chronological] [Thread] [Top]

Patch: Very buggy slapd/saslauthz.c:slap_parseURI() (ITS#1681)

To: openldap-its@OpenLDAP.org
Subject: Patch: Very buggy slapd/saslauthz.c:slap_parseURI() (ITS#1681)
From: h.b.furuseth@usit.uio.no
Date: Mon, 25 Mar 2002 10:06:02 GMT

Full_Name: Hallvard B. Furuseth
Version: 2.1.0alpha
OS: Linux
URL: http://folk.uio.no/hbf/OpenLDAP/parseURI.txt
Submission from: (NULL) (158.36.148.34)


slap_parseURI() does not handle defaulted scope (== base) when there
is a filter, nor a scope not followed by a filter, nor extensions
after the filter.  It assumes wrongly that dnNormalize2(,&bv,) does
not use bv.bv_len.  It returns LDAP_INVALID_SYNTAX for "ldap://host/";
(i.e. empty base without a following '?') instead of LDAP_SUCCESS
which is returned if there is a '?'.  It does not detect bad filters.
Finally, *scope receives -1 instead of LDAP_SCOPE_BASE for URLs of
the forms "ldap://host/dn"; and "ldap://host/dn?";.

Here is a fix, though I don't know why you don't just use
ldap_url_parse() + dnNormalize2() instead.

It has been tested as a stand-alone routine, but not in slapd (except
for a simple 'make test').

Prev by Date: Patch: Fix typo in man5/slapd.conf.5 (ITS#1680)
Next by Date: Patch: Kill 'ldap_debug redefined' warning in slapd (ITS#1682)
Index(es):
- Chronological
- Thread