- **status**: review --> fixed
- **Comment**:
opensaf-4.3.x:
changeset: 5940:665f39cbd878
branch: opensaf-4.3.x
parent: 5930:214972614415
user: Zoran Milinkovic <[email protected]>
date: Mon Sep 29 15:38:28 2014 +0200
summary: imm: add missing check in seach init [#1135]
-----
opensaf-4.4.x:
changeset: 5941:cc6b206093ae
branch: opensaf-4.4.x
parent: 5931:3fff80ea7b42
user: Zoran Milinkovic <[email protected]>
date: Mon Sep 29 15:38:28 2014 +0200
summary: imm: add missing check in seach init [#1135]
-----
opensaf-4.5.x:
changeset: 5942:710cd9700c85
branch: opensaf-4.5.x
parent: 5938:833d3ecd9026
user: Zoran Milinkovic <[email protected]>
date: Tue Sep 30 10:19:43 2014 +0200
summary: imm: add missing check and fix validation in seach init [#1135]
-----
default(4.6):
changeset: 5943:6690b465643e
tag: tip
parent: 5939:152140dc5d7e
user: Zoran Milinkovic <[email protected]>
date: Tue Sep 30 10:19:43 2014 +0200
summary: imm: add missing check and fix validation in seach init [#1135]
---
** [tickets:#1135] Imm: Missing validity check on 'objectName' in
saImmOmSearchInitialize**
**Status:** fixed
**Milestone:** 4.3.3
**Created:** Thu Sep 25, 2014 08:20 AM UTC by Anders Bjornerstedt
**Last Updated:** Mon Sep 29, 2014 01:52 PM UTC
**Owner:** Zoran Milinkovic
If one compares saImmOmSearchInitialize with saImmOmAccessorGet one can see
this check in accessorGet (4.4 version of the code):
if ((objectName == NULL) || (objectName->length == 0) ||
(objectName->length >= SA_MAX_NAME_LENGTH)) {
TRACE_2("ERR_INVALID_PARAM: Incorrect parameter contents:
objectName");
TRACE_LEAVE();
return SA_AIS_ERR_INVALID_PARAM;
}
But no corresponding check on 'rootName' in the searchInitialize code.
The check can not be identical, because the 'rootName' argument in
searchInitialize can be NULL if the search is to be global.
But if rootName is not NULL then a corresponding check must be done.
In addition, if rootName is not NULL, we must allow the case of the
root being empty (rootName->length == 0).
For backwards compatibility we also have to allow the case:
((rootName->length !=0) && strnlen(rootName->value, rootName->length)==0)
The check that rootName->lenght is within bounds is here assumed to have
been done earlier.
This bug has apparently always been there. It has nothing to do with 4.5
or long-names etc, but it will impact code that is long-name addapted in 4.5.
---
Sent from sourceforge.net because [email protected] is
subscribed to https://sourceforge.net/p/opensaf/tickets/
To unsubscribe from further messages, a project admin can change settings at
https://sourceforge.net/p/opensaf/admin/tickets/options. Or, if this is a
mailing list, you can unsubscribe from the mailing list.------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
Opensaf-tickets mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/opensaf-tickets
