ldap/servers/slapd/libglobs.c | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)
New commits:
commit b8c921f201929ec15974f2ccbe36af5caf74c74c
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Jul 26 08:36:29 2013 -0600
Ticket 47427 - Overflow in nsslapd-disk-monitoring-threshold
Bug Description: If you directory try and set the threshold to -2,
the server allows it, but it should be rejected.
Fix Description: With PR_snprintf and other NSPR formatting functions,
%lld must be used with LONG_MAX, instead of %ld which
must be used with regular printf.
https://fedorahosted.org/389/ticket/47427
Reviewed by: mreynolds (Thanks!)
(cherry picked from commit 5df006bd765163279f14cfbb0a136c15c69bed5b)
(cherry picked from commit 0b5fede023836b8b41a31c0106775767f306d21d)
diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c
index 018f1d0..dbd9de2 100644
--- a/ldap/servers/slapd/libglobs.c
+++ b/ldap/servers/slapd/libglobs.c
@@ -1597,7 +1597,7 @@ config_set_disk_threshold( const char *attrname, char *value, char
*errorbuf, in
if ( *endp != '\0' || threshold <= 4096 || errno == ERANGE ) {
PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE,
- "%s: \"%s\" is invalid, threshold must be greater than 4096
and less then %lu",
+ "%s: \"%s\" is invalid, threshold must be greater than 4096
and less then %lld",
attrname, value, LONG_MAX );
retVal = LDAP_OPERATIONS_ERROR;
return retVal;
@@ -2131,7 +2131,7 @@ config_set_sizelimit( const char *attrname, char *value, char
*errorbuf, int app
sizelimit = strtol(value, &endp, 10);
if ( *endp != '\0' || errno == ERANGE || sizelimit < -1 ) {
- PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "%s: \"%s\" is
invalid, sizelimit must range from -1 to %ld",
+ PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "%s: \"%s\" is
invalid, sizelimit must range from -1 to %lld",
attrname, value, LONG_MAX );
retVal = LDAP_OPERATIONS_ERROR;
return retVal;
@@ -2175,7 +2175,7 @@ config_set_pagedsizelimit( const char *attrname, char *value, char
*errorbuf, in
pagedsizelimit = strtol(value, &endp, 10);
if ( *endp != '\0' || errno == ERANGE || pagedsizelimit < -1 ) {
- PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "%s: \"%s\" is
invalid, pagedsizelimit must range from -1 to %ld",
+ PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "%s: \"%s\" is
invalid, pagedsizelimit must range from -1 to %lld",
attrname, value, LONG_MAX );
retVal = LDAP_OPERATIONS_ERROR;
return retVal;
@@ -2938,7 +2938,7 @@ config_set_pw_gracelimit( const char *attrname, char *value, char
*errorbuf, int
if ( *endp != '\0' || errno == ERANGE || gracelimit < 0 ) {
PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE,
- "password grace limit \"%s\" is invalid, password grace limit must
range from 0 to %ld",
+ "password grace limit \"%s\" is invalid, password grace limit must
range from 0 to %lld",
value , LONG_MAX );
retVal = LDAP_OPERATIONS_ERROR;
return retVal;
@@ -3670,7 +3670,7 @@ config_set_ioblocktimeout( const char *attrname, char *value, char
*errorbuf, in
nValue = strtol(value, &endp, 10);
if ( *endp != '\0' || errno == ERANGE || nValue < 0 ) {
- PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "%s: invalid value
\"%s\", I/O block timeout must range from 0 to %ld",
+ PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "%s: invalid value
\"%s\", I/O block timeout must range from 0 to %lld",
attrname, value, LONG_MAX );
retVal = LDAP_OPERATIONS_ERROR;
return retVal;
@@ -3712,7 +3712,7 @@ config_set_idletimeout( const char *attrname, char *value, char
*errorbuf, int a
nValue = strtol(value, &endp, 10);
if (*endp != '\0' || errno == ERANGE || nValue < 0 ) {
- PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "%s: invalid value
\"%s\", idle timeout must range from 0 to %ld",
+ PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "%s: invalid value
\"%s\", idle timeout must range from 0 to %lld",
attrname, value, LONG_MAX );
retVal = LDAP_OPERATIONS_ERROR;
return retVal;
@@ -3815,7 +3815,7 @@ config_set_timelimit( const char *attrname, char *value, char
*errorbuf, int app
if ( *endp != '\0' || errno == ERANGE || nVal < -1 ) {
PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE,
- "%s: invalid value \"%s\", time limit must range from -1 to %ld",
+ "%s: invalid value \"%s\", time limit must range from -1 to
%lld",
attrname, value, LONG_MAX );
retVal = LDAP_OPERATIONS_ERROR;
return retVal;
@@ -4011,7 +4011,7 @@ config_set_pw_warning( const char *attrname, char *value, char
*errorbuf, int ap
if (errno == ERANGE || sec < 0) {
PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE,
"%s: password warning age \"%s\" is invalid, password warning
"
- "age must range from 0 to %ld seconds",
+ "age must range from 0 to %lld seconds",
attrname, value, LONG_MAX );
retVal = LDAP_OPERATIONS_ERROR;
return retVal;
@@ -4042,7 +4042,7 @@ config_set_errorlog_level( const char *attrname, char *value, char
*errorbuf, in
if ( *endp != '\0' || errno == ERANGE || level < 0 ) {
PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "%s: error log level
\"%s\" is invalid,"
- " error log level must range from 0 to %ld", attrname,
value, LONG_MAX );
+ " error log level must range from 0 to %lld", attrname,
value, LONG_MAX );
retVal = LDAP_OPERATIONS_ERROR;
return retVal;
}
@@ -4081,7 +4081,7 @@ config_set_accesslog_level( const char *attrname, char *value, char
*errorbuf, i
if ( *endp != '\0' || errno == ERANGE || level < 0 ) {
PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "%s: access log level
\"%s\" is invalid,"
- " access log level must range from 0 to %ld", attrname,
value, LONG_MAX );
+ " access log level must range from 0 to %lld", attrname,
value, LONG_MAX );
retVal = LDAP_OPERATIONS_ERROR;
return retVal;
}
@@ -5457,7 +5457,7 @@ config_set_maxsasliosize( const char *attrname, char *value, char
*errorbuf, int
if (retVal != LDAP_SUCCESS) {
PR_snprintf(errorbuf, SLAPI_DSE_RETURNTEXT_SIZE,
- "%s: \"%s\" is invalid. Value must range from -1 to
%ld",
+ "%s: \"%s\" is invalid. Value must range from -1 to
%lld",
attrname, value, LONG_MAX );
} else if (apply) {
CFG_LOCK_WRITE(slapdFrontendConfig);