Blame SOURCES/0015-Ticket-49408-Server-allows-to-set-any-nsds5replicaid.patch

b045b9
From 4569da8f2c55d54a34f31312ee5756c70a7f463c Mon Sep 17 00:00:00 2001
b045b9
From: Mark Reynolds <mreynolds@redhat.com>
b045b9
Date: Thu, 19 Oct 2017 17:33:10 -0400
b045b9
Subject: [PATCH] Ticket 49408 - Server allows to set any nsds5replicaid in the
b045b9
 existing replica entry
b045b9
b045b9
Description:  There was no value validation for replica ID.  Now there is.
b045b9
b045b9
https://pagure.io/389-ds-base/issue/49408
b045b9
b045b9
Reviewed by: tbordaz(Thanks!)
b045b9
b045b9
(cherry picked from commit 296f0abb78b7ec82580d039d9c505506f6ce07be)
b045b9
---
b045b9
 ldap/servers/plugins/replication/repl5_replica_config.c | 12 ++++++++++++
b045b9
 1 file changed, 12 insertions(+)
b045b9
b045b9
diff --git a/ldap/servers/plugins/replication/repl5_replica_config.c b/ldap/servers/plugins/replication/repl5_replica_config.c
b045b9
index 22d766143..7477a292c 100644
b045b9
--- a/ldap/servers/plugins/replication/repl5_replica_config.c
b045b9
+++ b/ldap/servers/plugins/replication/repl5_replica_config.c
b045b9
@@ -411,6 +411,18 @@ replica_config_modify(Slapi_PBlock *pb,
b045b9
                     slapi_ch_free_string(&new_repl_type);
b045b9
                     new_repl_type = slapi_ch_strdup(config_attr_value);
b045b9
                 } else if (strcasecmp(config_attr, attr_replicaId) == 0) {
b045b9
+                    char *endp = NULL;
b045b9
+                    int64_t rid = 0;
b045b9
+                    errno = 0;
b045b9
+                    rid = strtoll(config_attr_value, &endp, 10);
b045b9
+                    if (*endp != '\0' || rid > 65535 || rid < 1 || errno == ERANGE) {
b045b9
+                        *returncode = LDAP_UNWILLING_TO_PERFORM;
b045b9
+                        PR_snprintf(errortext, SLAPI_DSE_RETURNTEXT_SIZE,
b045b9
+                            "Attribute %s value (%s) is invalid, must be a number between 1 and 65535.\n",
b045b9
+                            config_attr, config_attr_value);
b045b9
+                        slapi_log_err(SLAPI_LOG_ERR, repl_plugin_name, "replica_config_modify - %s\n", errortext);
b045b9
+                        break;
b045b9
+                    }
b045b9
                     slapi_ch_free_string(&new_repl_id);
b045b9
                     new_repl_id = slapi_ch_strdup(config_attr_value);
b045b9
                 } else if (strcasecmp(config_attr, attr_flags) == 0) {
b045b9
-- 
b045b9
2.13.6
b045b9