upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-27 10:09:43 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix ITS#1649, a filter constructed from a BUFSIZ input line combined with

Browse source 
an argv[] filtpattern will be larger than BUFSIZ.
This commit is contained in:
Howard Chu 2002-03-18 16:16:47 +00:00
parent cc21d814b3
commit deee7442b4
1 changed files with 12 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
clients/tools/ldapsearch.c
View file

@ -935,7 +935,7 @@ static int dosearch(
struct timeval *timeout,
int sizelimit )
{
char filter[ BUFSIZ ];
char *filter;
int rc;
int nresponses;
int nentries;
@ -946,6 +946,12 @@ static int dosearch(
ber_int_t msgid;
if( filtpatt != NULL ) {
filter = malloc( strlen( filtpatt ) + strlen( value ) );
if( filter == NULL ) {
perror( "malloc" );
return EXIT_FAILURE;
}
sprintf( filter, filtpatt, value );
if ( verbose ) {
@ -957,7 +963,7 @@ static int dosearch(
}
} else {
sprintf( filter, "%s", value );
filter = value;
}
if ( not ) {
@ -967,6 +973,10 @@ static int dosearch(
rc = ldap_search_ext( ld, base, scope, filter, attrs, attrsonly,
sctrls, cctrls, timeout, sizelimit, &msgid );
if ( filtpatt != NULL ) {
free( filter );
}
if( rc != LDAP_SUCCESS ) {
fprintf( stderr, "%s: ldap_search_ext: %s (%d)\n",
prog, ldap_err2string( rc ), rc );