diff options
| author | araujo <araujo@FreeBSD.org> | 2016-05-16 02:44:22 +0000 |
|---|---|---|
| committer | araujo <araujo@FreeBSD.org> | 2016-05-16 02:44:22 +0000 |
| commit | 597006884d4b7faaac2a44368cc71092b76231fd (patch) | |
| tree | adaac7512375e6fa3036ed704fe2ac139c77e68c | |
| parent | a0609b695300cdec9e5f939feb2672ced5d673cd (diff) | |
| download | FreeBSD-src-597006884d4b7faaac2a44368cc71092b76231fd.zip FreeBSD-src-597006884d4b7faaac2a44368cc71092b76231fd.tar.gz | |
Simplify overengineered and buggy code that looked like as if it did
some kind of UTF-8 validation, but actually didn't, but instead, for
malformed UTF-8 input, caused buffer overruns in some cases and caused
skipping of valid ASCII characters in other cases.
Obtained from: OpenBSD (cvs 1.32)
| -rw-r--r-- | usr.sbin/ypldap/aldap.c | 47 |
1 files changed, 18 insertions, 29 deletions
diff --git a/usr.sbin/ypldap/aldap.c b/usr.sbin/ypldap/aldap.c index 7062507..d07fe7f 100644 --- a/usr.sbin/ypldap/aldap.c +++ b/usr.sbin/ypldap/aldap.c @@ -1,6 +1,6 @@ -/* $Id: aldap.c,v 1.30 2012/04/30 21:40:03 jmatthew Exp $ */ -/* $OpenBSD: aldap.c,v 1.30 2012/04/30 21:40:03 jmatthew Exp $ */ /* $FreeBSD$ */ +/* $Id: aldap.c,v 1.32 2016/04/27 10:53:27 schwarze Exp $ */ +/* $OpenBSD: aldap.c,v 1.32 2016/04/27 10:53:27 schwarze Exp $ */ /* * Copyright (c) 2008 Alexander Schrijver <aschrijver@openbsd.org> @@ -19,6 +19,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ +#include <ctype.h> #include <errno.h> #include <inttypes.h> #include <string.h> @@ -38,6 +39,7 @@ static struct ber_element *ldap_do_parse_search_filter( struct ber_element *, char **); char **aldap_get_stringset(struct ber_element *); char *utoa(char *); +static int isu8cont(unsigned char); char *parseval(char *, size_t); int aldap_create_page_control(struct ber_element *, int, struct aldap_page_control *); @@ -1161,7 +1163,7 @@ ldap_debug_elements(struct ber_element *root) #endif /* - * Convert UTF-8 to ASCII. + * Strip UTF-8 down to ASCII without validation. * notes: * non-ASCII characters are displayed as '?' * the argument u should be a NULL terminated sequence of UTF-8 bytes. @@ -1173,41 +1175,27 @@ utoa(char *u) char *str; /* calculate the length to allocate */ - for (len = 0, i = 0; u[i] != '\0'; ) { - if ((u[i] & 0xF0) == 0xF0) - i += 4; - else if ((u[i] & 0xE0) == 0xE0) - i += 3; - else if ((u[i] & 0xC0) == 0xC0) - i += 2; - else - i += 1; - len++; - } + for (len = 0, i = 0; u[i] != '\0'; i++) + if (!isu8cont(u[i])) + len++; if ((str = calloc(len + 1, sizeof(char))) == NULL) return NULL; /* copy the ASCII characters to the newly allocated string */ - for (i = 0, j = 0; u[i] != '\0'; j++) { - if ((u[i] & 0xF0) == 0xF0) { - str[j] = '?'; - i += 4; - } else if ((u[i] & 0xE0) == 0xE0) { - str[j] = '?'; - i += 3; - } else if ((u[i] & 0xC0) == 0xC0) { - str[j] = '?'; - i += 2; - } else { - str[j] = u[i]; - i += 1; - } - } + for (i = 0, j = 0; u[i] != '\0'; i++) + if (!isu8cont(u[i])) + str[j++] = isascii((unsigned char)u[i]) ? u[i] : '?'; return str; } +static int +isu8cont(unsigned char c) +{ + return (c & (0x80 | 0x40)) == 0x80; +} + /* * Parse a LDAP value * notes: @@ -1270,3 +1258,4 @@ aldap_get_errno(struct aldap *a, const char **estr) } return (a->err); } + |
