Don't do anything to the filter string until we've successfully parsed

the extensibleMatch. Make sure the filter string is always null-terminated, as we use "strlen()" to skip to the end of it. On the (illegal, but not impossible) chance that we have more than one matching rule ID, attributeDescription, or matchValue, free any we already have before fetching a new one. svn path=/trunk/; revision=16609
2005-11-27 02:42:29 +00:00 · 2005-11-27 02:42:29 +00:00 · cf75dd602a
parent 91126d392b
commit cf75dd602a
1 changed files with 19 additions and 7 deletions
--- a/epan/dissectors/packet-ldap.c
+++ b/epan/dissectors/packet-ldap.c
@ -811,14 +811,9 @@ static int parse_filter_extensibleMatch(ASN1_SCK *a, char **filter, guint *filte
    * expression
    */
    matchingRule = type = matchValue = NULL;
-    dnAttributes = 0;
+    dnAttributes = FALSE;
    end = a->offset + byte_length;

-    filterp = *filter + strlen(*filter);
-    *filter_length += 1; /* For the ( */
-    *filter = g_realloc(*filter, *filter_length);
-    *filterp++ = '(';
-
    while (a->offset < end) {
        /*
         * Now, parse out each of those items
@ -841,6 +836,10 @@ static int parse_filter_extensibleMatch(ASN1_SCK *a, char **filter, guint *filte

        switch (tag) {
        case 0x01:  /* Parse Matching Rule Id */
+            if (matchingRule != NULL) {
+                g_free(matchingRule);
+                matchingRule = NULL;
+            }
            ret = asn1_string_value_decode(a, (int) string_length, &matchingRule);
            if (ret != ASN1_ERR_NOERROR) {
                return ret;
@ -848,6 +847,10 @@ static int parse_filter_extensibleMatch(ASN1_SCK *a, char **filter, guint *filte
            break;

        case 0x02:  /* Parse attributeDescription */
+            if (type != NULL) {
+                g_free(type);
+                type = NULL;
+            }
            ret = asn1_string_value_decode(a, (int) string_length, &type);
            if (ret != ASN1_ERR_NOERROR) {
                return ret;
@ -855,6 +858,10 @@ static int parse_filter_extensibleMatch(ASN1_SCK *a, char **filter, guint *filte
            break;

        case 0x03:  /* Parse the matchValue */
+            if (matchValue != NULL) {
+                g_free(matchValue);
+                matchValue = NULL;
+            }
            ret = asn1_string_value_decode(a, (int) string_length, &matchValue);
            if (ret != ASN1_ERR_NOERROR) {
                return ret;
@ -877,7 +884,12 @@ static int parse_filter_extensibleMatch(ASN1_SCK *a, char **filter, guint *filte
    /*
     * Now, fill in the filter string
     */
-   
+    filterp = *filter + strlen(*filter);
+    *filter_length += 1; /* For the ( */
+    *filter = g_realloc(*filter, *filter_length);
+    *filterp++ = '(';
+    *filterp = '\0';
+
    if (type) {
        if (strlen(type) > 0) {
            *filter_length += 1 + strlen(type);