From 56a4604694d8f87a8b8167fca558bdc5a28365f5 Mon Sep 17 00:00:00 2001 From: Martijn van Duren Date: Tue, 27 Nov 2018 12:04:58 +0000 Subject: LDAP returns values as OCTET STRINGs, which can be LDAPStrings, but isn't always the case. This caused some malformed output when querying databases returning data containing NUL-bytes. Fix this by also returning the actual size. With this diff we should produce basically identical output to openldap's ldapsearch. Lots of back and forths with claudio@ OK claudio@ --- usr.bin/ldap/aldap.c | 59 ++++++++++++++++++++++++++-------------------------- 1 file changed, 30 insertions(+), 29 deletions(-) (limited to 'usr.bin/ldap/aldap.c') diff --git a/usr.bin/ldap/aldap.c b/usr.bin/ldap/aldap.c index 569286f2793..b75b491fa0b 100644 --- a/usr.bin/ldap/aldap.c +++ b/usr.bin/ldap/aldap.c @@ -1,5 +1,5 @@ -/* $Id: aldap.c,v 1.5 2018/08/12 22:04:09 rob Exp $ */ -/* $OpenBSD: aldap.c,v 1.5 2018/08/12 22:04:09 rob Exp $ */ +/* $Id: aldap.c,v 1.6 2018/11/27 12:04:57 martijn Exp $ */ +/* $OpenBSD: aldap.c,v 1.6 2018/11/27 12:04:57 martijn Exp $ */ /* * Copyright (c) 2008 Alexander Schrijver @@ -39,7 +39,7 @@ static struct ber_element *ldap_parse_search_filter(struct ber_element *, char *); static struct ber_element *ldap_do_parse_search_filter( struct ber_element *, char **); -char **aldap_get_stringset(struct ber_element *); +struct aldap_stringset *aldap_get_stringset(struct ber_element *); char *utoa(char *); static int isu8cont(unsigned char); char *parseval(char *, size_t); @@ -522,7 +522,7 @@ aldap_get_dn(struct aldap_message *msg) return utoa(dn); } -char ** +struct aldap_stringset * aldap_get_references(struct aldap_message *msg) { if (msg->references == NULL) @@ -576,11 +576,12 @@ aldap_count_attrs(struct aldap_message *msg) } int -aldap_first_attr(struct aldap_message *msg, char **outkey, char ***outvalues) +aldap_first_attr(struct aldap_message *msg, char **outkey, + struct aldap_stringset **outvalues) { struct ber_element *b, *c; char *key; - char **ret; + struct aldap_stringset *ret; if (msg->body.search.attrs == NULL) goto fail; @@ -605,11 +606,12 @@ fail: } int -aldap_next_attr(struct aldap_message *msg, char **outkey, char ***outvalues) +aldap_next_attr(struct aldap_message *msg, char **outkey, + struct aldap_stringset **outvalues) { struct ber_element *a, *b; char *key; - char **ret; + struct aldap_stringset *ret; if (msg->body.search.iter == NULL) goto notfound; @@ -640,11 +642,12 @@ notfound: } int -aldap_match_attr(struct aldap_message *msg, char *inkey, char ***outvalues) +aldap_match_attr(struct aldap_message *msg, char *inkey, + struct aldap_stringset **outvalues) { struct ber_element *a, *b; char *descr = NULL; - char **ret; + struct aldap_stringset *ret; if (msg->body.search.attrs == NULL) goto fail; @@ -677,16 +680,12 @@ notfound: } int -aldap_free_attr(char **values) +aldap_free_attr(struct aldap_stringset *values) { - int i; - if (values == NULL) return -1; - for (i = 0; values[i] != NULL; i++) - free(values[i]); - + free(values->str); free(values); return (1); @@ -836,33 +835,35 @@ fail: * internal functions */ -char ** +struct aldap_stringset * aldap_get_stringset(struct ber_element *elm) { struct ber_element *a; int i; - char **ret; - char *s; + struct aldap_stringset *ret; if (elm->be_type != BER_TYPE_OCTETSTRING) return NULL; - for (a = elm, i = 1; i > 0 && a != NULL && a->be_type == - BER_TYPE_OCTETSTRING; a = a->be_next, i++) + if ((ret = malloc(sizeof(*ret))) == NULL) + return NULL; + for (a = elm, ret->len = 0; a != NULL && a->be_type == + BER_TYPE_OCTETSTRING; a = a->be_next, ret->len++) ; - if (i == 1) + if (ret->len == 0) { + free(ret); return NULL; + } - if ((ret = calloc(i + 1, sizeof(char *))) == NULL) + if ((ret->str = reallocarray(NULL, ret->len, + sizeof(*(ret->str)))) == NULL) { + free(ret); return NULL; + } for (a = elm, i = 0; a != NULL && a->be_type == BER_TYPE_OCTETSTRING; - a = a->be_next, i++) { - - ber_get_string(a, &s); - ret[i] = utoa(s); - } - ret[i + 1] = NULL; + a = a->be_next, i++) + (void) ber_get_ostring(a, &(ret->str[i])); return ret; } -- cgit v1.2.3