Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/acl
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6224
Modified Files:
aclparse.c
Log Message:
Resolves: bug 232910
Description: ACI targetattr list parser is whitespace sensitive
Fix Description: I made it too sensitive. The parser should allow simple unquoted
strings. However, if it begins with a quote, it must end with a quote.
Index: aclparse.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/acl/aclparse.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- aclparse.c 18 Oct 2007 20:55:10 -0000 1.8
+++ aclparse.c 19 Oct 2007 19:01:16 -0000 1.9
@@ -1234,14 +1234,21 @@
__acl_strip_leading_space(&s);
__acl_strip_trailing_space(s);
len = strlen(s);
- if (*s == '"' && s[len-1] == '"') {
- s[len-1] = '\0';
- s++;
- } else {
- slapi_log_error(SLAPI_LOG_FATAL, plugin_name,
- "__aclp__init_targetattr: Error: The statement does not begin and end with a
\": [%s]\n",
- s);
- return ACL_SYNTAX_ERR;
+ /* Simple targetattr statements may not be quoted e.g.
+ targetattr=* or targetattr=userPassword
+ if it begins with a quote, it must end with one as well
+ */
+ if (*s == '"') {
+ s++; /* skip leading quote */
+ if (s[len-1] == '"') {
+ s[len-1] = '\0'; /* trim trailing quote */
+ } else {
+ /* error - if it begins with a quote, it must end with a quote */
+ slapi_log_error(SLAPI_LOG_FATAL, plugin_name,
+ "__aclp__init_targetattr: Error: The statement does not
begin and end with a \": [%s]\n",
+ attr_val);
+ return ACL_SYNTAX_ERR;
+ }
}
str = s;