ITS#9202 limit depth of nested filters
Using a hardcoded limit for now; no reasonable apps should ever run into it.
parent
af5b31b2a7
commit
d38d48fc8f
1 changed files with 32 additions and 9 deletions
|
|
@ -37,11 +37,16 @@
|
|||
const Filter *slap_filter_objectClass_pres;
|
||||
const struct berval *slap_filterstr_objectClass_pres;
|
||||
|
||||
#ifndef SLAPD_MAX_FILTER_DEPTH
|
||||
#define SLAPD_MAX_FILTER_DEPTH 5000
|
||||
#endif
|
||||
|
||||
static int get_filter_list(
|
||||
Operation *op,
|
||||
BerElement *ber,
|
||||
Filter **f,
|
||||
const char **text );
|
||||
const char **text,
|
||||
int depth );
|
||||
|
||||
static int get_ssa(
|
||||
Operation *op,
|
||||
|
|
@ -80,12 +85,13 @@ filter_destroy( void )
|
|||
return;
|
||||
}
|
||||
|
||||
int
|
||||
get_filter(
|
||||
static int
|
||||
get_filter0(
|
||||
Operation *op,
|
||||
BerElement *ber,
|
||||
Filter **filt,
|
||||
const char **text )
|
||||
const char **text,
|
||||
int depth )
|
||||
{
|
||||
ber_tag_t tag;
|
||||
ber_len_t len;
|
||||
|
|
@ -126,6 +132,11 @@ get_filter(
|
|||
*
|
||||
*/
|
||||
|
||||
if( depth > SLAPD_MAX_FILTER_DEPTH ) {
|
||||
*text = "filter nested too deeply";
|
||||
return SLAPD_DISCONNECT;
|
||||
}
|
||||
|
||||
tag = ber_peek_tag( ber, &len );
|
||||
|
||||
if( tag == LBER_ERROR ) {
|
||||
|
|
@ -221,7 +232,7 @@ get_filter(
|
|||
|
||||
case LDAP_FILTER_AND:
|
||||
Debug( LDAP_DEBUG_FILTER, "AND\n" );
|
||||
err = get_filter_list( op, ber, &f.f_and, text );
|
||||
err = get_filter_list( op, ber, &f.f_and, text, depth+1 );
|
||||
if ( err != LDAP_SUCCESS ) {
|
||||
break;
|
||||
}
|
||||
|
|
@ -234,7 +245,7 @@ get_filter(
|
|||
|
||||
case LDAP_FILTER_OR:
|
||||
Debug( LDAP_DEBUG_FILTER, "OR\n" );
|
||||
err = get_filter_list( op, ber, &f.f_or, text );
|
||||
err = get_filter_list( op, ber, &f.f_or, text, depth+1 );
|
||||
if ( err != LDAP_SUCCESS ) {
|
||||
break;
|
||||
}
|
||||
|
|
@ -248,7 +259,7 @@ get_filter(
|
|||
case LDAP_FILTER_NOT:
|
||||
Debug( LDAP_DEBUG_FILTER, "NOT\n" );
|
||||
(void) ber_skip_tag( ber, &len );
|
||||
err = get_filter( op, ber, &f.f_not, text );
|
||||
err = get_filter0( op, ber, &f.f_not, text, depth+1 );
|
||||
if ( err != LDAP_SUCCESS ) {
|
||||
break;
|
||||
}
|
||||
|
|
@ -311,10 +322,22 @@ get_filter(
|
|||
return( err );
|
||||
}
|
||||
|
||||
int
|
||||
get_filter(
|
||||
Operation *op,
|
||||
BerElement *ber,
|
||||
Filter **filt,
|
||||
const char **text )
|
||||
{
|
||||
return get_filter0( op, ber, filt, text, 0 );
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
get_filter_list( Operation *op, BerElement *ber,
|
||||
Filter **f,
|
||||
const char **text )
|
||||
const char **text,
|
||||
int depth )
|
||||
{
|
||||
Filter **new;
|
||||
int err;
|
||||
|
|
@ -328,7 +351,7 @@ get_filter_list( Operation *op, BerElement *ber,
|
|||
tag != LBER_DEFAULT;
|
||||
tag = ber_next_element( ber, &len, last ) )
|
||||
{
|
||||
err = get_filter( op, ber, new, text );
|
||||
err = get_filter0( op, ber, new, text, depth );
|
||||
if ( err != LDAP_SUCCESS )
|
||||
return( err );
|
||||
new = &(*new)->f_next;
|
||||
|
|
|
|||
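Review bot: The depth guard added to get_filter0 (`if( depth > SLAPD_MAX_FILTER_DEPTH )`) sets `*text` and returns SLAPD_DISCONNECT without emitting a log line, so over-deep filters are hard to spot in server logs; adding `Debug( LDAP_DEBUG_ANY, "get_filter: filter nested too deeply\n" );` before the return would make these rejections visible to operators. The `#define SLAPD_MAX_FILTER_DEPTH 5000` default should also carry a comment stating what it assumes: each AND/OR level costs one get_filter0 frame plus one get_filter_list frame, and whether 5000 levels fit depends on the worker thread stack size, which this diff does not show. Any code that later walks the parsed Filter tree recursively (not visible here) relies on the same bound, so it is worth confirming those paths are safe at that depth too. The body of get_filter0 continues outside the hunks shown.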