Bug 1024552 DoS due to improper handling of ger attr searches
https://bugzilla.redhat.com/show_bug.cgi?id=1024552
Reviewed by: nhosoi (Thanks!)
Branch: master
Fix Description: The traversal of the attr list looking for GER objectclasses
was modifying the same attribute twice, removing the "@" from it. The second
time, since there was no "@" in the string, the strchr would return NULL, and
the code would not check for it.
The code was simplified and rewritten to use charray_merge_nodup
to build the gerattrs list with unique objectclass values, which I believe was
the intention of the original code. I also added some error checking to look
for invalid attributes like "@name" "name@" and "name@name@name".
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: no
(cherry picked from commit 3a1ce9e326d9788be233f7edd9d7bad20efb9690)
(cherry picked from commit 47f1769dbd1618d0385fb3e5441219f9c280486b)