Author: nkinder
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv9219/ldap/servers/slapd
Modified Files:
libglobs.c sasl_io.c slap.h
Log Message:
Resolves: 387851
Summary: Added validation for nsslapd-maxsasliosize value.
Index: libglobs.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/libglobs.c,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -r1.31 -r1.32
--- libglobs.c 25 Nov 2008 19:20:26 -0000 1.31
+++ libglobs.c 26 Nov 2008 17:32:21 -0000 1.32
@@ -856,6 +856,7 @@
cfg->ioblocktimeout = SLAPD_DEFAULT_IOBLOCK_TIMEOUT;
cfg->outbound_ldap_io_timeout = SLAPD_DEFAULT_OUTBOUND_LDAP_IO_TIMEOUT;
cfg->max_filter_nest_level = SLAPD_DEFAULT_MAX_FILTER_NEST_LEVEL;
+ cfg->maxsasliosize = SLAPD_DEFAULT_MAX_SASLIO_SIZE;
#ifdef _WIN32
cfg->conntablesize = SLAPD_DEFAULT_CONNTABLESIZE;
@@ -4494,21 +4495,41 @@
config_set_maxsasliosize( const char *attrname, char *value, char *errorbuf, int apply )
{
int retVal = LDAP_SUCCESS;
+ long maxsasliosize;
+ char *endptr;
slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
if ( config_value_is_null( attrname, value, errorbuf, 0 )) {
return LDAP_OPERATIONS_ERROR;
}
- if ( !apply ) {
- return retVal;
+ maxsasliosize = strtol(value, &endptr, 10);
+
+ /* Check for non-numeric garbage in the value */
+ if (*endptr != '\0') {
+ retVal = LDAP_OPERATIONS_ERROR;
}
- CFG_LOCK_WRITE(slapdFrontendConfig);
+ /* Check for a value overflow */
+ if (((maxsasliosize == LONG_MAX) || (maxsasliosize == LONG_MIN)) && (errno ==
ERANGE)){
+ retVal = LDAP_OPERATIONS_ERROR;
+ }
+
+ /* A setting of -1 means unlimited. Don't allow other negative values. */
+ if ((maxsasliosize < 0) && (maxsasliosize != -1)) {
+ retVal = LDAP_OPERATIONS_ERROR;
+ }
- slapdFrontendConfig->maxsasliosize = atol(value);
+ if (retVal != LDAP_SUCCESS) {
+ PR_snprintf(errorbuf, SLAPI_DSE_RETURNTEXT_SIZE,
+ "%s: \"%s\" is invalid. Value must range from -1 to
%ld",
+ attrname, value, LONG_MAX );
+ } else if (apply) {
+ CFG_LOCK_WRITE(slapdFrontendConfig);
+ slapdFrontendConfig->maxsasliosize = maxsasliosize;
+ CFG_UNLOCK_WRITE(slapdFrontendConfig);
+ }
- CFG_UNLOCK_WRITE(slapdFrontendConfig);
return retVal;
}
@@ -4519,9 +4540,6 @@
slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
maxsasliosize = slapdFrontendConfig->maxsasliosize;
- if (maxsasliosize == 0) {
- maxsasliosize = 2 * 1024 * 1024; /* Default: 2Mb */
- }
return maxsasliosize;
}
Index: sasl_io.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/sasl_io.c,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- sasl_io.c 25 Nov 2008 19:20:27 -0000 1.16
+++ sasl_io.c 26 Nov 2008 17:32:21 -0000 1.17
@@ -195,6 +195,7 @@
int ret = 0;
unsigned char buffer[4];
size_t packet_length = 0;
+ size_t saslio_limit;
ret = PR_Recv(c->c_prfd,buffer,sizeof(buffer),0,PR_INTERVAL_NO_WAIT);
if (ret < 0) {
@@ -216,7 +217,10 @@
LDAPDebug( LDAP_DEBUG_CONNS,
"read sasl packet length %ld on connection %" PRIu64
"\n", packet_length, c->c_connid, 0 );
- if (packet_length > config_get_maxsasliosize()) {
+ /* Check if the packet length is larger than our max allowed. A
+ * setting of -1 means that we allow any size SASL IO packet. */
+ saslio_limit = config_get_maxsasliosize();
+ if(((long)saslio_limit != -1) && (packet_length > saslio_limit)) {
LDAPDebug( LDAP_DEBUG_ANY,
"SASL encrypted packet length exceeds maximum allowed limit
(length=%ld, limit=%ld)."
" Change the nsslapd-maxsasliosize attribute in cn=config to
increase limit.\n",
Index: slap.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/slap.h,v
retrieving revision 1.40
retrieving revision 1.41
diff -u -r1.40 -r1.41
--- slap.h 25 Nov 2008 19:20:27 -0000 1.40
+++ slap.h 26 Nov 2008 17:32:21 -0000 1.41
@@ -279,6 +279,7 @@
#define SLAPD_DEFAULT_LOOKTHROUGHLIMIT 5000 /* use -1 for no limit */
#define SLAPD_DEFAULT_GROUPNESTLEVEL 5
#define SLAPD_DEFAULT_MAX_FILTER_NEST_LEVEL 40 /* use -1 for no limit */
+#define SLAPD_DEFAULT_MAX_SASLIO_SIZE 2097152 /* 2MB in bytes. Use -1 for no limit */
#define SLAPD_DEFAULT_IOBLOCK_TIMEOUT 1800000 /* half hour in ms */
#define SLAPD_DEFAULT_OUTBOUND_LDAP_IO_TIMEOUT 300000 /* 5 minutes in ms */
#define SLAPD_DEFAULT_RESERVE_FDS 64
Show replies by date