>From 45507e8ff5e491dc706a847e64bd09064724835a Mon Sep 17 00:00:00 2001 From: Nathan Kinder <nkinder@xxxxxxxxxx> Date: Mon, 9 Nov 2009 11:47:11 -0800 Subject: [PATCH] Bug 511112 - Eliminate fixed length array in password history code. The password history code was using a fixed length array to store the historical password values that are used to compare to the new password. The array was hardcoded to 25 values. The server will allow a maximum 24 password history values to be kept by limiting the passwordInHistory configuration value, though it would be possible to do something such as import an LDIF with more than 24 historical password values in an entry, causing the server to crash when the next password change occurs. This patch eliminates the fixed length array and dynamically allocates the array based off of the number of values that exist in the entry whose password is being modified. --- ldap/servers/slapd/pw.c | 46 ++++++++++++++++++++++++++++++++++------------ 1 files changed, 34 insertions(+), 12 deletions(-) diff --git a/ldap/servers/slapd/pw.c b/ldap/servers/slapd/pw.c index b31966e..76dce38 100644 --- a/ldap/servers/slapd/pw.c +++ b/ldap/servers/slapd/pw.c @@ -1120,8 +1120,8 @@ int update_pw_history( Slapi_PBlock *pb, char *dn, char *old_pw ) { static int pw_in_history( Slapi_Value **history_vals, const Slapi_Value *pw_val) { - Slapi_Value *history[25]; - Slapi_Value historycv[25]; + Slapi_Value **trimmed_history; + int num_history_vals = 0; int i; int ret = -1; const char *pw_str = slapi_value_get_string(pw_val); 
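Review bot: `trimmed_history` is declared without an initializer in this hunk and is only assigned in the clear-text `else` branch of the second hunk, yet the free loop added in the last hunk sits after that branch's closing brace and so runs on every path that reaches `return ( ret )`. If the other branch (its body is outside these hunks) falls through without returning, the loop reads `trimmed_history[i]` through an indeterminate pointer, which is undefined behaviour and would likely crash the server on what appears to be the already-hashed-password path. Declare it as `Slapi_Value **trimmed_history = NULL;` and either move the two free steps inside the `else` block right after `slapi_pw_find_sv()` or guard them with `if (trimmed_history != NULL)`.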
@@ -1144,16 +1144,25 @@ int pw_in_history( Slapi_Value **history_vals, const Slapi_Value *pw_val) } } } - } - else { /* Password is in clear */ + } else { /* Password is in clear */ + /* Count the number of history vals. */ + for (i = 0; history_vals[i] != NULL; i++ ) + { + num_history_vals++; + } + + /* Allocate the array */ + trimmed_history = (Slapi_Value **)slapi_ch_calloc(num_history_vals + 1, sizeof(Slapi_Value *)); + /* strip the timestamps */ for ( i = 0; history_vals[i] != NULL; i++ ) { char *h_val = (char *)slapi_value_get_string(history_vals[i]); size_t h_len = slapi_value_get_length(history_vals[i]); + + /* Allocate a value and put it in the array. */ + trimmed_history[i] = (Slapi_Value *)slapi_ch_calloc(1, sizeof(Slapi_Value)); - historycv[i].v_csnset = NULL; /* JCM - I don't understand this */ - history[i] = &historycv[i]; if ( h_val != NULL && h_len >= 14 ) { @@ -1161,17 +1170,30 @@ int pw_in_history( Slapi_Value **history_vals, const Slapi_Value *pw_val) int pos = 14; if (h_val[pos] == 'Z') pos++; - historycv[i].bv.bv_val = &(h_val[pos]); - historycv[i].bv.bv_len = h_len - pos; + trimmed_history[i]->bv.bv_val = &(h_val[pos]); + trimmed_history[i]->bv.bv_len = h_len - pos; } else { - historycv[i].bv.bv_val = NULL; - historycv[i].bv.bv_len = 0; + trimmed_history[i]->bv.bv_val = NULL; + trimmed_history[i]->bv.bv_len = 0; } } - history[i] = NULL; - ret = slapi_pw_find_sv( history, pw_val); + + /* NULL terminate the array. */ + trimmed_history[i] = NULL; + + /* Check if the new password is in the trimmed history list. */ + ret = slapi_pw_find_sv(trimmed_history, pw_val); } + /* Free the trimmed values. */ + for ( i = 0; trimmed_history[i] != NULL; i++ ) + { + slapi_ch_free((void **)&trimmed_history[i]); + } + + /* Free the array. */ + slapi_ch_free((void **)&trimmed_history); + return ( ret ); } -- 1.6.2.5
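Review bot: The cleanup comment in the last hunk should say why only the structs are released. Each `trimmed_history[i]->bv.bv_val` set in the previous hunk points into the string returned by `slapi_value_get_string(history_vals[i])`, so the buffer is borrowed and the element must be released with `slapi_ch_free` on the struct alone. A later maintainer who swaps in a routine that also frees the value's buffer would free memory still referenced by the entry's history values. I would replace `/* Free the trimmed values. */` with `/* Free only the Slapi_Value structs; bv_val is borrowed from history_vals and must not be freed here. */`. The enclosing function starts outside this hunk.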