From fa2636a32e31e15ca7312a42bb9a78753b1725ca Mon Sep 17 00:00:00 2001 From: Mark Reynolds Date: Jan 30 2013 17:54:55 +0000 Subject: Ticket 162 - Infinite loop / spin inside strcmpi_fast, acl_read_access_allowed_on_attr, server DoS https://fedorahosted.org/389/ticket/162 Bug Description: Infinite loop / spin inside strcmpi_fast, acl_read_access_allowed_on_attr, server DoS Fix Description: Cannot use continue - have to go to the end of the loop and get the next attribute - added a label for nextattr and use goto nextattr instead of continue. --- diff --git a/ldap/servers/plugins/acl/acllas.c b/ldap/servers/plugins/acl/acllas.c index 12cefaf..e1655ce 100644 --- a/ldap/servers/plugins/acl/acllas.c +++ b/ldap/servers/plugins/acl/acllas.c @@ -2444,7 +2444,9 @@ acllas__handle_group_entry (Slapi_Entry* e, void *callback_data) } else if (strcasecmp ( attrType, type_memberURL) == 0) { char *memberURL, *savURL; - if (!info->userDN) continue; + if (!info->userDN){ + goto nextattr; + } i= slapi_attr_first_value ( currAttr,&sval ); while ( i != -1 ) { @@ -2481,13 +2483,13 @@ acllas__handle_group_entry (Slapi_Entry* e, void *callback_data) } i = slapi_attr_next_value ( currAttr, i, &sval ); } - /* Evaluate Fortezza groups */ + /* Evaluate Certificate groups */ } else if ((strcasecmp (attrType, type_memberCert) == 0) ) { /* Do we have the certificate around */ if (!info->clientCert) { slapi_log_error( SLAPI_LOG_ACL, plugin_name, " acllas__handle_group_entry:Client Cert missing\n" ); - continue; + goto nextattr; } i = slapi_attr_first_value ( currAttr,&sval ); while ( i != -1 ) { @@ -2501,7 +2503,7 @@ acllas__handle_group_entry (Slapi_Entry* e, void *callback_data) i = slapi_attr_next_value ( currAttr, i, &sval ); } } - +nextattr: attrType = NULL; /* get the next attr */ slapi_entry_next_attr ( e, currAttr, &nextAttr );