Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/views
In directory
cvs-int.fedora.redhat.com:/tmp/cvs-serv11904/ldapserver/ldap/servers/plugins/views
Modified Files:
views.c
Log Message:
Resolves: bug 288291
Bug Description: add an view object inside a view object that has an improper nsviewfilter
crashes the server
Reviewed by: nhosoi (Thanks!)
Fix Description: I could not reproduce the problem by simply adding the bogus
nsviewfilter. The server seemed to run fine, but I didn't stress it. However, if I
restarted the server, the server would core during startup. The last message in the error
log would say something about recovering the database, which is probably why the bug
reporter said that it will not recover the database. The problem doesn't appear to be
with views specifically, but with any internal search which uses the
search_internal_callback_pb() (as opposed to the non callback internal search) and there
are search base rewriters (such as the views code). The aci code uses this type of search
at startup to find the acis, and that's where I saw the crash. I could crash the
server at startup regardless of whether the view filter was bogus or not. The problem is
that we are not passing in the address of new_base to slapi_ch_free. The fix is to use
slapi_ch_free_string and pass in the address of the st!
ring. That fixes the crash.
I also cleaned up a few places in the views code which was not checking to see if
slapi_str2filter returned NULL, which would happen in the case of the bogus search filter.
I also added an error message which will tell the user that filter X in entry Y is
bogus.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
Index: views.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/views/views.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- views.c 10 Nov 2006 23:45:33 -0000 1.9
+++ views.c 12 Oct 2007 16:53:02 -0000 1.10
@@ -764,6 +764,12 @@
buf = slapi_ch_strdup(current->viewfilter);
pCurrentFilter = slapi_str2filter( buf );
+ if (!pCurrentFilter) {
+ char ebuf[BUFSIZ];
+ slapi_log_error(SLAPI_LOG_FATAL, VIEWS_PLUGIN_SUBSYSTEM,
+ "Error: the view filter [%s] in entry [%s] is not valid\n",
+ buf, escape_string(current->pDn, ebuf));
+ }
if(pBuiltFilter && pCurrentFilter)
pBuiltFilter = slapi_filter_join_ex( LDAP_FILTER_AND, pBuiltFilter, pCurrentFilter, 0
);
else
@@ -935,7 +941,13 @@
if(buf)
{
pCurrentFilter = slapi_str2filter( buf );
- if(pOrSubFilter)
+ if (!pCurrentFilter) {
+ char ebuf[BUFSIZ];
+ slapi_log_error(SLAPI_LOG_FATAL, VIEWS_PLUGIN_SUBSYSTEM,
+ "Error: the view filter [%s] in entry [%s] is not valid\n",
+ buf, escape_string(currentChild->pDn, ebuf));
+ }
+ if(pOrSubFilter && pCurrentFilter)
pOrSubFilter = slapi_filter_join_ex( LDAP_FILTER_OR, pOrSubFilter, pCurrentFilter, 0
);
else
pOrSubFilter = pCurrentFilter;
@@ -994,8 +1006,14 @@
buf = slapi_ch_calloc(1, strlen(viewRDNstr) + 11 ); /* 3 for filter */
sprintf(buf, "(%s)", viewRDNstr );
viewSubFilter = slapi_str2filter( buf );
-
- if(pView->includeChildViewsFilter)
+ if (!viewSubFilter) {
+ char ebuf[BUFSIZ];
+ slapi_log_error(SLAPI_LOG_FATAL, VIEWS_PLUGIN_SUBSYSTEM,
+ "Error: the view filter [%s] in entry [%s] is not valid\n",
+ buf, escape_string(current->pDn, ebuf));
+ }
+
+ if(pView->includeChildViewsFilter && viewSubFilter)
pView->includeChildViewsFilter = slapi_filter_join_ex( LDAP_FILTER_OR,
pView->includeChildViewsFilter, viewSubFilter, 0 );
else
pView->includeChildViewsFilter = viewSubFilter;
Show replies by date