From 5ef5b7ebec21ac99a61466cf5861b7d301bc7da0 Mon Sep 17 00:00:00 2001
From: boli <boli@localhost>
Date: Fri, 01 May 2009 01:14:55 +0000
Subject: [PATCH] Second fix for issue 3949: All ASN.1 parsing code now ignores trailing unrecognized SEQUENCE components.

---
 opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java |   39 +++++++++++++--------------------------
 1 files changed, 13 insertions(+), 26 deletions(-)

diff --git a/opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java b/opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java
index a22a179..953d76b 100644
--- a/opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java
+++ b/opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java
@@ -249,33 +249,20 @@
       {
         ASN1Reader reader = ASN1.getReader(requestValue);
         reader.readStartSequence();
-        while(reader.hasNextElement())
+        if(reader.hasNextElement() &&
+            reader.peekType() == TYPE_PASSWORD_MODIFY_USER_ID)
         {
-          switch (reader.peekType())
-          {
-            case TYPE_PASSWORD_MODIFY_USER_ID:
-              userIdentity = reader.readOctetString();
-              break;
-            case TYPE_PASSWORD_MODIFY_OLD_PASSWORD:
-              oldPassword = reader.readOctetString();
-              break;
-            case TYPE_PASSWORD_MODIFY_NEW_PASSWORD:
-              newPassword = reader.readOctetString();
-              break;
-            default:
-              // Its ok if we encounter unrecognized trailing tags
-              reader.skipElement();
-              if(reader.hasNextElement())
-              {
-                operation.setResultCode(ResultCode.PROTOCOL_ERROR);
-
-
-                operation.appendErrorMessage(
-                    ERR_EXTOP_PASSMOD_ILLEGAL_REQUEST_ELEMENT_TYPE.get(
-                        byteToHex(reader.peekType())));
-                return;
-              }
-          }
+          userIdentity = reader.readOctetString();
+        }
+        if(reader.hasNextElement() &&
+            reader.peekType() == TYPE_PASSWORD_MODIFY_OLD_PASSWORD)
+        {
+          oldPassword = reader.readOctetString();
+        }
+        if(reader.hasNextElement() &&
+            reader.peekType() == TYPE_PASSWORD_MODIFY_NEW_PASSWORD)
+        {
+          newPassword = reader.readOctetString();
         }
         reader.readEndSequence();
       }

--
Gitblit v1.10.0