directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DIRSERVER-578) LDAP Name Parser Trapped in Infinite Loop
Date Wed, 15 Feb 2006 01:24:37 GMT
    [ http://issues.apache.org/jira/browse/DIRSERVER-578?page=comments#action_12366420 ] 

Emmanuel Lecharny commented on DIRSERVER-578:
---------------------------------------------

I think that this infinite loop is due to the use of '*' instead of '+' in the following antlr
rule :

SIMPLE_STRING           : ( ~( ',' | '=' | '+' | '<'  | '>' | '#' | ';' | '\\' | '"'
) )*  <-- should be +

in the shared/ldap/src/main/antlr/valuelexer.g file.

I still have to test it, but it's a little bit late right now, so feel free to change it and
rebuild the project. 

some explanation : with '*', an empty SIMPLE_STRING is valid. So if we have, say, an '=',
which is not allowed by any other rule in the production :

value ::= ( SIMPLE_STRING | HEX_STRING | QUOTED_STRING | ESCAPED_CHAR )+

we have an infinite loop.

> LDAP Name Parser Trapped in Infinite Loop
> -----------------------------------------
>
>          Key: DIRSERVER-578
>          URL: http://issues.apache.org/jira/browse/DIRSERVER-578
>      Project: Directory ApacheDS
>         Type: Bug
>   Components: ldap
>     Versions: pre-1.0
>  Environment: Fedora Core 4
>     Reporter: Ole Ersoy
>     Priority: Minor

>
> Hi Stefan,
> Here's some JNDI JUnit Testing code that runs fine on
> 0.9:
> package com.pyramidetechnologies.webapp.mdc;
> import java.util.Hashtable;
> import javax.naming.Context;
> import javax.naming.NamingException;
> import javax.naming.directory.DirContext;
> import javax.naming.directory.InitialDirContext;
> import junit.framework.TestCase;
> public class LDAPTesting extends TestCase {
> 	public DirContext authenticate() {
> 		try {
> 			Hashtable<String, String> env = new
> Hashtable<String, String>();
> //			 Set up the environment for creating the initial
> context
> 			env.put(Context.INITIAL_CONTEXT_FACTORY, 
> 					"com.sun.jndi.ldap.LdapCtxFactory");
> 			env.put(Context.PROVIDER_URL,
> "ldap://localhost:389/ou=users,ou=system");
> //			 Authenticate as S. User and password "mysecret"
> 			env.put(Context.SECURITY_AUTHENTICATION, "simple");
> 			env.put(Context.SECURITY_PRINCIPAL, 
> "uid=admin,ou=system");
> 			env.put(Context.SECURITY_CREDENTIALS, "secret");
> 			DirContext ctx = new InitialDirContext(env);
> 		
> ctx.createSubcontext("mail=ole@pyramidetechnologies");
> 		
> ctx.destroySubcontext("mail=ole@pyramidetechnologies");
> 			return ctx;
> 		} catch (NamingException e) {
> 			e.printStackTrace();
> 			return null;
> 		}
> 	}
> 	
> 	public void testAddContext() {
> 		DirContext ctx=authenticate();
> 		try {
> 		
> ctx.createSubcontext("mail=ole@pyramidetechnologies");
> 		
> ctx.destroySubcontext("mail=ole@pyramidetechnologies");
> 		} catch (NamingException e) {
> 			// TODO Auto-generated catch block
> 			e.printStackTrace();
> 		}
> 		
> 	}
> }
> This code crashes the server (The only thing changed
> is this:
> ctx.createSubcontext("mail=mail=ole@pyramidetechnologies");
> Hope that helps.
> Cheers,
> - Ole

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message