Attachment #10341 for bug #51183

View | Details | Raw Unified | Return to bug 51183
Collapse All | Expand All




const Filter *slap_filter_objectClass_pres;
const struct berval *slap_filterstr_objectClass_pres;

#ifndef SLAPD_MAX_FILTER_DEPTH
#define SLAPD_MAX_FILTER_DEPTH	5000
#endif

static int	get_filter_list(
	Operation *op,
	BerElement *ber,
	Filter **f,
	const char **text,
	int depth );

static int	get_ssa(
	Operation *op,

	return;
}

static int
get_filter0(
	Operation *op,
	BerElement *ber,
	Filter **filt,
	const char **text,
	int depth )
{
	ber_tag_t	tag;
	ber_len_t	len;

	 *
	 */

	if( depth > SLAPD_MAX_FILTER_DEPTH ) {
		*text = "filter nested too deeply";
		return SLAPD_DISCONNECT;
	}

	tag = ber_peek_tag( ber, &len );

	if( tag == LBER_ERROR ) {


	case LDAP_FILTER_AND:
		Debug( LDAP_DEBUG_FILTER, "AND\n", 0, 0, 0 );
		err = get_filter_list( op, ber, &f.f_and, text, depth+1 );
		if ( err != LDAP_SUCCESS ) {
			break;
		}


	case LDAP_FILTER_OR:
		Debug( LDAP_DEBUG_FILTER, "OR\n", 0, 0, 0 );
		err = get_filter_list( op, ber, &f.f_or, text, depth+1 );
		if ( err != LDAP_SUCCESS ) {
			break;
		}

	case LDAP_FILTER_NOT:
		Debug( LDAP_DEBUG_FILTER, "NOT\n", 0, 0, 0 );
		(void) ber_skip_tag( ber, &len );
		err = get_filter0( op, ber, &f.f_not, text, depth+1 );
		if ( err != LDAP_SUCCESS ) {
			break;
		}

	return( err );
}

int
get_filter(
	Operation *op,
	BerElement *ber,
	Filter **filt,
	const char **text )
{
	return get_filter0( op, ber, filt, text, 0 );
}


static int
get_filter_list( Operation *op, BerElement *ber,
	Filter **f,
	const char **text,
	int depth )
{
	Filter		**new;
	int		err;

		tag != LBER_DEFAULT;
		tag = ber_next_element( ber, &len, last ) )
	{
		err = get_filter0( op, ber, new, text, depth );
		if ( err != LDAP_SUCCESS )
			return( err );
		new = &(*new)->f_next;
- 

Return to bug 51183

Lines 37-47 Link Here

(-)a/servers/slapd/filter.c (-10 / +32 lines)
37	const Filter *slap_filter_objectClass_pres;	37	const Filter *slap_filter_objectClass_pres;
38	const struct berval *slap_filterstr_objectClass_pres;	38	const struct berval *slap_filterstr_objectClass_pres;
39		39
		40	#ifndef SLAPD_MAX_FILTER_DEPTH
		41	#define SLAPD_MAX_FILTER_DEPTH 5000
		42	#endif
		43
40	static int get_filter_list(	44	static int get_filter_list(
41	Operation *op,	45	Operation *op,
42	BerElement *ber,	46	BerElement *ber,
43	Filter **f,	47	Filter **f,
44	const char **text );	48	const char **text,
		49	int depth );
45		50
46	static int get_ssa(	51	static int get_ssa(
47	Operation *op,	52	Operation *op,
Lines 80-91 filter_destroy( void ) Link Here
80	return;	85	return;
81	}	86	}
82		87
83	int	88	static int
84	get_filter(	89	get_filter0(
85	Operation *op,	90	Operation *op,
86	BerElement *ber,	91	BerElement *ber,
87	Filter **filt,	92	Filter **filt,
88	const char **text )	93	const char **text,
		94	int depth )
89	{	95	{
90	ber_tag_t tag;	96	ber_tag_t tag;
91	ber_len_t len;	97	ber_len_t len;
Lines 126-131 get_filter( Link Here
126	*	132	*
127	*/	133	*/
128		134
		135	if( depth > SLAPD_MAX_FILTER_DEPTH ) {
		136	*text = "filter nested too deeply";
		137	return SLAPD_DISCONNECT;
		138	}
		139
129	tag = ber_peek_tag( ber, &len );	140	tag = ber_peek_tag( ber, &len );
130		141
131	if( tag == LBER_ERROR ) {	142	if( tag == LBER_ERROR ) {
Lines 221-227 get_filter( Link Here
221		232
222	case LDAP_FILTER_AND:	233	case LDAP_FILTER_AND:
223	Debug( LDAP_DEBUG_FILTER, "AND\n", 0, 0, 0 );	234	Debug( LDAP_DEBUG_FILTER, "AND\n", 0, 0, 0 );
224	err = get_filter_list( op, ber, &f.f_and, text );	235	err = get_filter_list( op, ber, &f.f_and, text, depth+1 );
225	if ( err != LDAP_SUCCESS ) {	236	if ( err != LDAP_SUCCESS ) {
226	break;	237	break;
227	}	238	}
Lines 234-240 get_filter( Link Here
234		245
235	case LDAP_FILTER_OR:	246	case LDAP_FILTER_OR:
236	Debug( LDAP_DEBUG_FILTER, "OR\n", 0, 0, 0 );	247	Debug( LDAP_DEBUG_FILTER, "OR\n", 0, 0, 0 );
237	err = get_filter_list( op, ber, &f.f_or, text );	248	err = get_filter_list( op, ber, &f.f_or, text, depth+1 );
238	if ( err != LDAP_SUCCESS ) {	249	if ( err != LDAP_SUCCESS ) {
239	break;	250	break;
240	}	251	}
Lines 248-254 get_filter( Link Here
248	case LDAP_FILTER_NOT:	259	case LDAP_FILTER_NOT:
249	Debug( LDAP_DEBUG_FILTER, "NOT\n", 0, 0, 0 );	260	Debug( LDAP_DEBUG_FILTER, "NOT\n", 0, 0, 0 );
250	(void) ber_skip_tag( ber, &len );	261	(void) ber_skip_tag( ber, &len );
251	err = get_filter( op, ber, &f.f_not, text );	262	err = get_filter0( op, ber, &f.f_not, text, depth+1 );
252	if ( err != LDAP_SUCCESS ) {	263	if ( err != LDAP_SUCCESS ) {
253	break;	264	break;
254	}	265	}
Lines 311-320 get_filter( Link Here
311	return( err );	322	return( err );
312	}	323	}
313		324
		325	int
		326	get_filter(
		327	Operation *op,
		328	BerElement *ber,
		329	Filter **filt,
		330	const char **text )
		331	{
		332	return get_filter0( op, ber, filt, text, 0 );
		333	}
		334
		335
314	static int	336	static int
315	get_filter_list( Operation op, BerElement ber,	337	get_filter_list( Operation op, BerElement ber,
316	Filter **f,	338	Filter **f,
317	const char **text )	339	const char **text,
		340	int depth )
318	{	341	{
319	Filter **new;	342	Filter **new;
320	int err;	343	int err;
Lines 328-334 get_filter_list( Operation op, BerElement ber, Link Here
328	tag != LBER_DEFAULT;	351	tag != LBER_DEFAULT;
329	tag = ber_next_element( ber, &len, last ) )	352	tag = ber_next_element( ber, &len, last ) )
330	{	353	{
331	err = get_filter( op, ber, new, text );	354	err = get_filter0( op, ber, new, text, depth );
332	if ( err != LDAP_SUCCESS )	355	if ( err != LDAP_SUCCESS )
333	return( err );	356	return( err );
334	new = &(*new)->f_next;	357	new = &(*new)->f_next;
335	-