httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bnicho...@apache.org
Subject svn commit: r291123 - in /httpd/httpd/branches/2.0.x: CHANGES STATUS modules/experimental/util_ldap.c modules/experimental/util_ldap_cache.c modules/experimental/util_ldap_cache.h
Date Fri, 23 Sep 2005 14:20:25 GMT
Author: bnicholes
Date: Fri Sep 23 07:20:22 2005
New Revision: 291123

URL: http://svn.apache.org/viewcvs?rev=291123&view=rev
Log:
mod_ldap: Fix PR 36563. Keep track of the number of attributes retrieved from LDAP so that
all of the values can be properly cached even if the value is NULL.

Reviewed by: bnicholes, minfrin, jim

Modified:
    httpd/httpd/branches/2.0.x/CHANGES
    httpd/httpd/branches/2.0.x/STATUS
    httpd/httpd/branches/2.0.x/modules/experimental/util_ldap.c
    httpd/httpd/branches/2.0.x/modules/experimental/util_ldap_cache.c
    httpd/httpd/branches/2.0.x/modules/experimental/util_ldap_cache.h

Modified: httpd/httpd/branches/2.0.x/CHANGES
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/CHANGES?rev=291123&r1=291122&r2=291123&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.0.x/CHANGES [utf-8] Fri Sep 23 07:20:22 2005
@@ -1,6 +1,11 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.0.55
 
+  *) mod_ldap: Fix PR 36563. Keep track of the number of attributes
+     retrieved from LDAP so that all of the values can be properly 
+     cached even if the value is NULL. 
+     [Brad Nicholes, Ondrej Sury <ondrej sury.org>]
+       
   *) SECURITY: CAN-2005-2491 (cve.mitre.org): 
      Fix integer overflows in PCRE in quantifier parsing which could
      be triggered by a local user through use of a carefully-crafted 

Modified: httpd/httpd/branches/2.0.x/STATUS
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/STATUS?rev=291123&r1=291122&r2=291123&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/STATUS (original)
+++ httpd/httpd/branches/2.0.x/STATUS Fri Sep 23 07:20:22 2005
@@ -266,14 +266,6 @@
                  algorithims can be pretty "interesting", probably more
                  2.2. 
 
-    *) mod_ldap: Fix PR 36563. Keep track of the number of attributes
-       retrieved from LDAP so that all of the values can be properly 
-       cached even if the value is NULL.
-         http://issues.apache.org/bugzilla/attachment.cgi?id=16429
-	 or 
-	 http://svn.apache.org/viewcvs.cgi?rev=156587&view=rev
-       +1: bnicholes, minfrin, jim
-
 PATCHES TO BACKPORT THAT ARE ON HOLD OR NOT GOING ANYWHERE SOON:
 
     *) Replace some of the mutex locking in the worker MPM with

Modified: httpd/httpd/branches/2.0.x/modules/experimental/util_ldap.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/modules/experimental/util_ldap.c?rev=291123&r1=291122&r2=291123&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/modules/experimental/util_ldap.c (original)
+++ httpd/httpd/branches/2.0.x/modules/experimental/util_ldap.c Fri Sep 23 07:20:22 2005
@@ -769,6 +769,7 @@
                               const char ***retvals)
 {
     const char **vals = NULL;
+    int numvals = 0;
     int result = 0;
     LDAPMessage *res, *entry;
     char *dn;
@@ -932,6 +933,7 @@
         int i = 0;
         while (attrs[k++]);
         vals = apr_pcalloc(r->pool, sizeof(char *) * (k+1));
+        numvals = k;
         while (attrs[i]) {
             char **values;
             int j = 0;
@@ -959,6 +961,7 @@
         the_search_node.bindpw = bindpw;
         the_search_node.lastbind = apr_time_now();
         the_search_node.vals = vals;
+        the_search_node.numvals = numvals;
 
         /* Search again to make sure that another thread didn't ready insert this node
            into the cache before we got here. If it does exist then update the lastbind */
@@ -1001,6 +1004,7 @@
                               const char ***retvals)
 {
     const char **vals = NULL;
+    int numvals = 0;
     int result = 0;
     LDAPMessage *res, *entry;
     char *dn;
@@ -1115,6 +1119,7 @@
         int i = 0;
         while (attrs[k++]);
         vals = apr_pcalloc(r->pool, sizeof(char *) * (k+1));
+        numvals = k;
         while (attrs[i]) {
             char **values;
             int j = 0;
@@ -1142,6 +1147,7 @@
         the_search_node.bindpw = NULL;
         the_search_node.lastbind = apr_time_now();
         the_search_node.vals = vals;
+        the_search_node.numvals = numvals;
 
         /* Search again to make sure that another thread didn't ready insert this node
            into the cache before we got here. If it does exist then update the lastbind */

Modified: httpd/httpd/branches/2.0.x/modules/experimental/util_ldap_cache.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/modules/experimental/util_ldap_cache.c?rev=291123&r1=291122&r2=291123&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/modules/experimental/util_ldap_cache.c (original)
+++ httpd/httpd/branches/2.0.x/modules/experimental/util_ldap_cache.c Fri Sep 23 07:20:22
2005
@@ -158,18 +158,22 @@
 
         /* copy vals */
         if (node->vals) {
-            int k = 0;
+            int k = node->numvals;
             int i = 0;
-            while (node->vals[k++]);
             if (!(newnode->vals = util_ald_alloc(cache, sizeof(char *) * (k+1)))) {
                 util_ldap_search_node_free(cache, newnode);
                 return NULL;
             }
-            while (node->vals[i]) {
-                if (!(newnode->vals[i] = util_ald_strdup(cache, node->vals[i]))) {
-                    util_ldap_search_node_free(cache, newnode);
-                    return NULL;
+            newnode->numvals = node->numvals;
+            for (;k;k--) {
+                if (node->vals[i]) {
+                    if (!(newnode->vals[i] = util_ald_strdup(cache, node->vals[i])))
{
+                        util_ldap_search_node_free(cache, newnode);
+                        return NULL;
+                    }
                 }
+                else
+                    newnode->vals[i] = NULL;
                 i++;
             }
         }
@@ -199,9 +203,13 @@
 {
     int i = 0;
     util_search_node_t *node = (util_search_node_t *)n;
+    int k = node->numvals;
+
     if (node->vals) {
-        while (node->vals[i]) {
-            util_ald_free(cache, node->vals[i++]);
+        for (;k;k--,i++) {
+            if (node->vals[i]) {
+                util_ald_free(cache, node->vals[i]);
+            }
         }
         util_ald_free(cache, node->vals);
     }

Modified: httpd/httpd/branches/2.0.x/modules/experimental/util_ldap_cache.h
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/modules/experimental/util_ldap_cache.h?rev=291123&r1=291122&r2=291123&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/modules/experimental/util_ldap_cache.h (original)
+++ httpd/httpd/branches/2.0.x/modules/experimental/util_ldap_cache.h Fri Sep 23 07:20:22
2005
@@ -110,6 +110,7 @@
 					   NULL if the bind failed */
     apr_time_t lastbind;		/* Time of last successful bind */
     const char **vals;			/* Values of queried attributes */
+    int        numvals;			/* Number of queried attributes */
 } util_search_node_t;
 
 /*



Mime
View raw message