[Date Prev][Date Next] [Chronological] [Thread] [Top]

Bug in libraries/libldif/line64.c



The put_type_and_value() routine in libraries/libldif/line64.c contains a
bug which results in creation of an invalid LDIF-formatted entry. The bug
occurs when padding bytes are added to a binary attribute value AND the
padding bytes appear at the end of a "full" display line. The logic which
writes the pad character into the positions occupied by the padding bytes
does not account for the possibility that '\n' may have been output into the
display buffer. As a result, using a negative offset into the display buffer
will overwrite the leading space required for an LDIF-format continuation
line, and leave the original padding bytes unchanged.

One method of addressing this problem is to use the knowledge of how many
padding bytes must be written to output the pad character directly into the
display buffer as it is being written. In this manner, even if a '\n' must
be written, the display buffer will be correct. The following patch (against
openldap-devel) implements this logic: 

*** ldap/libraries/libldif/line64.c     Sat Aug  8 17:43:17 1998
--- dev/oldap/libraries/libldif/line64.c        Wed Sep 30 17:46:30 1998
***************
*** 272,285 ****
                                        len = 1;
                                }

                                /* get b64 digit from low order 6 bits */
                                *(*out)++ = nib2b64[ (bits & 0xfc0000L) >>
18 ];
                        }
!
!                       for ( ; pad > 0; pad-- ) {
!                               *(*out - pad) = '=';
                        }
                }
        }
        *(*out)++ = '\n';
  }
--- 272,286 ----
                                        len = 1;
                                }

+                               if ( i + pad < 4 ) {
                                        /* get b64 digit from low order 6
bits */
                                        *(*out)++ = nib2b64[ (bits &
0xfc0000L) >> 18 ];
                                }
!                               else {
!                                       *(*out)++ = '=';
                                }
                        }
+               }
        }
        *(*out)++ = '\n';
  }


Comments? Suggestions? Alternative solutions?

Ken McGarrahan
Southwestern Bell Telephone
*	Phone: (314) 235-3160
*	E-Mail: km4155@sbc.com