Subject: subtree search fails to find items under a db containing special characters
https://bugzilla.redhat.com/show_bug.cgi?id=199923
This bug had been reopened due to the regression.
[Proposed Fix] https://bugzilla.redhat.com/attachment.cgi?id=398612&action=diff https://bugzilla.redhat.com/attachment.cgi?id=398612&action=edit
Files: ldap/servers/plugins/syntaxes/validate.c ldap/servers/slapd/dn.c
Problem Description: A simple failed case observed before applying the patch: $ /usr/lib64/mozldap/ldapmodify -p 10389 -D 'cn=directory manager' -w pw<< EOF dn: ou=#<,dc=example,dc=com objectClass: organizationalUnit objectClass: top ou: #< EOF ldap_add: Invalid DN syntax ldap_add: additional info: DN value invalid per syntax
Fix Description: dn.c: Based upon RFC 4514, '#', '+', ';', '<','>', and '=' need to be escaped in addition to '\' and '"' if it appears in the DN string. validate.c: Using the above example, if an escaped character (<) followed by an escaped character (#), the pointer was moved twice skipping '' before '<' and it makes the validation fail.
====================================================== Breakpoint 2, rdn_validate ( begin=0x7fd090001ed0 "ou=\#\<,dc=example,dc=com", end=0x7fd090001ee8 "m", last=0x7fd0a9bedac0) at ldap/servers/plugins/syntaxes/validate.c:430 430 int rc = 0; /* Assume RDN is valid */ (gdb) p p $35 = 0x7fd090001ed3 "\#\<,dc=example,dc=com" (gdb) p end $36 = 0x7fd090001ee8 "m" (gdb) p *p $37 = 92 '\' (gdb) n 472 if (numericform) { (gdb) n 498 if (IS_UTF1(*p)&& !IS_ESC(*p)&& !IS_LUTF1(*p)) { (gdb) n 507 if (numericform) { (gdb) n 517 if (IS_UTF1(*p)) { (gdb) n 520 if ((p == end)&& !IS_TUTF1(*p)) { (gdb) n 524 } else if (IS_ESC(*p)) { (gdb) n 528 p++;<== *p is '#' (gdb) n 529 if (!IS_ESC(*p)&& !IS_SPECIAL(*p)) { (gdb) n 538 p++;<== move the pointer to the next char '\' (gdb) p *p $40 = 92 '\' (gdb) n 545 p++;<== another move to '<', which needs to be escaped (gdb) n 517 if (IS_UTF1(*p)) { (gdb) n 520 if ((p == end)&& !IS_TUTF1(*p)) { (gdb) n 524 } else if (IS_ESC(*p)) { (gdb) n 540 } else if (!IS_SUTF1(*p)) { (gdb) n 541 rc = 1;<== failed.
389-devel@lists.fedoraproject.org