On Thu, Aug 29, 2024 at 3:22 PM <minf...@apache.org> wrote:
>
> --- apr/apr-util/branches/1.7.x/ldap/apr_ldap.c (original)
> +++ apr/apr-util/branches/1.7.x/ldap/apr_ldap.c Thu Aug 29 13:21:13 2024
[]
> @@ -1592,16 +1593,32 @@ APU_DECLARE_LDAP(apr_status_t) apr_ldap_
>
> if (vals) {
>
> - int k, nvals;
> + int k, nvals, binary = 0;
> +
> + char *sc = attr;
> +
> + /* support for RFC4522 binary encoding option */
> + while ((sc = strchr(sc, ';'))) {
> + if (!apr_cstr_casecmpn(sc, ";binary", 7) && (sc[7]
> == 0 || sc[7] == ';')) {
> + binary = 1;
> + break;
> + }
An "sc++" is missing here or ";foo" will loop indefinitely (per
https://lists.apache.org/thread/tkhy70138zowr4lkmxmywhnrmy41h410).
> + }
>
> nvals = ldap_count_values_len(vals);
>
> for (k = 0; k < nvals; k++) {
>
> apr_buffer_t buf;
> + char *str = NULL;
>
> - apr_buffer_mem_set(&buf, vals[k]->bv_val,
> vals[k]->bv_len);
> -// fixme - tell cb if binary
> + if (binary) {
> + apr_buffer_mem_set(&buf, vals[k]->bv_val,
> vals[k]->bv_len);
> + }
> + else {
> + str = strndup(vals[k]->bv_val, vals[k]->bv_len);
Not clear why this strndup() is needed still (per
https://lists.apache.org/thread/t08zmhs4s5pxq62l6bxv8ov80wcqthpo).
BTW [1] says it's C23 (not C89) so possibly not usable easily in APR?
[1] https://en.cppreference.com/w/c/experimental/dynamic/strndup
> + apr_buffer_str_set(&buf, str, vals[k]->bv_len);
> + }
>
> if (res->entry_cb.search) {
> status = res->entry_cb.search(ldap, dn,
> res->nentries, nattrs, j,
> @@ -1610,6 +1627,10 @@ APU_DECLARE_LDAP(apr_status_t) apr_ldap_
> else {
> status = apr_ldap_status(err->rc, APR_EGENERAL);
> }
> +
> + if (str) {
> + free(str);
> + }
> }
>
> }
Regards;
Yann.
