You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by se...@apache.org on 2007/01/07 23:05:56 UTC
svn commit: r493860 - in /directory/trunks/shared/ldap/src: main/antlr/
main/java/org/apache/directory/shared/ldap/filter/
test/java/org/apache/directory/shared/ldap/aci/
test/java/org/apache/directory/shared/ldap/filter/
Author: seelmann
Date: Sun Jan 7 14:05:55 2007
New Revision: 493860
URL: http://svn.apache.org/viewvc?view=rev&rev=493860
Log:
Fix for DIRSERVER-814: Improved filter detection in ACI lexer; Added check for balanced parenthesis into filter parser (parser hangs in an infinite loop)
Modified:
directory/trunks/shared/ldap/src/main/antlr/ACIItem.g
directory/trunks/shared/ldap/src/main/antlr/ACIItemChecker.g
directory/trunks/shared/ldap/src/main/antlr/SubtreeSpecificationChecker.g
directory/trunks/shared/ldap/src/main/antlr/filter-lexer.g
directory/trunks/shared/ldap/src/main/antlr/filter-value-lexer.g
directory/trunks/shared/ldap/src/main/antlr/filter-value-parser.g
directory/trunks/shared/ldap/src/main/antlr/subtree-specification.g
directory/trunks/shared/ldap/src/main/java/org/apache/directory/shared/ldap/filter/FilterParserImpl.java
directory/trunks/shared/ldap/src/test/java/org/apache/directory/shared/ldap/aci/ACIItemParserTest.java
directory/trunks/shared/ldap/src/test/java/org/apache/directory/shared/ldap/filter/FilterParserImplTest.java
Modified: directory/trunks/shared/ldap/src/main/antlr/ACIItem.g
URL: http://svn.apache.org/viewvc/directory/trunks/shared/ldap/src/main/antlr/ACIItem.g?view=diff&rev=493860&r1=493859&r2=493860
==============================================================================
--- directory/trunks/shared/ldap/src/main/antlr/ACIItem.g (original)
+++ directory/trunks/shared/ldap/src/main/antlr/ACIItem.g Sun Jan 7 14:05:55 2007
@@ -1469,7 +1469,12 @@
"attributeValue"! ( SP! )+ '{'! ( options { greedy = false; } : . )* '}'!
{ $setType( ATTRIBUTE_VALUE_CANDIDATE ); }
| ( "rangeOfValues" ( SP! )+ '(' ) =>
- "rangeOfValues"! ( SP! )+ '(' ( options { greedy = false; } : . )* ')'
+ "rangeOfValues"! ( SP! )+ FILTER
{ $setType( RANGE_OF_VALUES_CANDIDATE ); }
| ALPHA ( ALPHA | DIGIT | HYPHEN )*
;
+
+protected FILTER : '(' ( ( '&' (SP)* (FILTER)+ ) | ( '|' (SP)* (FILTER)+ ) | ( '!' (SP)* FILTER ) | FILTER_VALUE ) ')' (SP)* ;
+
+protected FILTER_VALUE : (options{greedy=true;}: ~( ')' | '(' | '&' | '|' | '!' ) ( ~(')') )* ) ;
+
Modified: directory/trunks/shared/ldap/src/main/antlr/ACIItemChecker.g
URL: http://svn.apache.org/viewvc/directory/trunks/shared/ldap/src/main/antlr/ACIItemChecker.g?view=diff&rev=493860&r1=493859&r2=493860
==============================================================================
--- directory/trunks/shared/ldap/src/main/antlr/ACIItemChecker.g (original)
+++ directory/trunks/shared/ldap/src/main/antlr/ACIItemChecker.g Sun Jan 7 14:05:55 2007
@@ -816,7 +816,13 @@
"attributeValue"! ( SP! )+ '{'! ( options { greedy = false; } : . )* '}'!
{ $setType( ATTRIBUTE_VALUE_CANDIDATE ); }
| ( "rangeOfValues" ( SP! )+ '(' ) =>
- "rangeOfValues"! ( SP! )+ '(' ( options { greedy = false; } : . )* ')'
+ "rangeOfValues"! ( SP! )+ FILTER
{ $setType( RANGE_OF_VALUES_CANDIDATE ); }
| ALPHA ( ALPHA | DIGIT | HYPHEN )*
;
+
+protected FILTER : '(' ( ( '&' (SP)* (FILTER)+ ) | ( '|' (SP)* (FILTER)+ ) | ( '!' (SP)* FILTER ) | FILTER_VALUE ) ')' (SP)* ;
+
+protected FILTER_VALUE : (options{greedy=true;}: ~( ')' | '(' | '&' | '|' | '!' ) ( ~(')') )* ) ;
+
+
\ No newline at end of file
Modified: directory/trunks/shared/ldap/src/main/antlr/SubtreeSpecificationChecker.g
URL: http://svn.apache.org/viewvc/directory/trunks/shared/ldap/src/main/antlr/SubtreeSpecificationChecker.g?view=diff&rev=493860&r1=493859&r2=493860
==============================================================================
--- directory/trunks/shared/ldap/src/main/antlr/SubtreeSpecificationChecker.g (original)
+++ directory/trunks/shared/ldap/src/main/antlr/SubtreeSpecificationChecker.g Sun Jan 7 14:05:55 2007
@@ -459,6 +459,6 @@
'\u4e00'..'\u9fff' |
'\uf900'..'\ufaff' ;
-FILTER : '(' ( ( '&' (FILTER)+ ) | ( '|' (FILTER)+ ) | ( '!' FILTER ) | FILTER_VALUE ) ')' ;
+FILTER : '(' ( ( '&' (SP)* (FILTER)+ ) | ( '|' (SP)* (FILTER)+ ) | ( '!' (SP)* FILTER ) | FILTER_VALUE ) ')' (SP)* ;
protected FILTER_VALUE : (options{greedy=true;}: ~( ')' | '(' | '&' | '|' | '!' ) ( ~(')') )* ) ;
Modified: directory/trunks/shared/ldap/src/main/antlr/filter-lexer.g
URL: http://svn.apache.org/viewvc/directory/trunks/shared/ldap/src/main/antlr/filter-lexer.g?view=diff&rev=493860&r1=493859&r2=493860
==============================================================================
--- directory/trunks/shared/ldap/src/main/antlr/filter-lexer.g (original)
+++ directory/trunks/shared/ldap/src/main/antlr/filter-lexer.g Sun Jan 7 14:05:55 2007
@@ -49,6 +49,7 @@
charVocabulary='\u0001'..'\u0127';
exportVocab = FilterLexer;
importVocab = FilterValueLexer;
+ defaultErrorHandler=false;
}
Modified: directory/trunks/shared/ldap/src/main/antlr/filter-value-lexer.g
URL: http://svn.apache.org/viewvc/directory/trunks/shared/ldap/src/main/antlr/filter-value-lexer.g?view=diff&rev=493860&r1=493859&r2=493860
==============================================================================
--- directory/trunks/shared/ldap/src/main/antlr/filter-value-lexer.g (original)
+++ directory/trunks/shared/ldap/src/main/antlr/filter-value-lexer.g Sun Jan 7 14:05:55 2007
@@ -53,6 +53,7 @@
// allow any unicode characters
charVocabulary='\u0000'..'\uFFFE';
exportVocab=FilterValueLexer;
+ defaultErrorHandler=false;
}
Modified: directory/trunks/shared/ldap/src/main/antlr/filter-value-parser.g
URL: http://svn.apache.org/viewvc/directory/trunks/shared/ldap/src/main/antlr/filter-value-parser.g?view=diff&rev=493860&r1=493859&r2=493860
==============================================================================
--- directory/trunks/shared/ldap/src/main/antlr/filter-value-parser.g (original)
+++ directory/trunks/shared/ldap/src/main/antlr/filter-value-parser.g Sun Jan 7 14:05:55 2007
@@ -54,6 +54,7 @@
{
k = 3;
importVocab = FilterValueLexer;
+ defaultErrorHandler=false;
}
Modified: directory/trunks/shared/ldap/src/main/antlr/subtree-specification.g
URL: http://svn.apache.org/viewvc/directory/trunks/shared/ldap/src/main/antlr/subtree-specification.g?view=diff&rev=493860&r1=493859&r2=493860
==============================================================================
--- directory/trunks/shared/ldap/src/main/antlr/subtree-specification.g (original)
+++ directory/trunks/shared/ldap/src/main/antlr/subtree-specification.g Sun Jan 7 14:05:55 2007
@@ -567,6 +567,6 @@
'\u4e00'..'\u9fff' |
'\uf900'..'\ufaff' ;
-FILTER : '(' ( ( '&' (FILTER)+ ) | ( '|' (FILTER)+ ) | ( '!' FILTER ) | FILTER_VALUE ) ')' ;
+FILTER : '(' ( ( '&' (SP)* (FILTER)+ ) | ( '|' (SP)* (FILTER)+ ) | ( '!' (SP)* FILTER ) | FILTER_VALUE ) ')' (SP)* ;
protected FILTER_VALUE : (options{greedy=true;}: ~( ')' | '(' | '&' | '|' | '!' ) ( ~(')') )* ) ;
Modified: directory/trunks/shared/ldap/src/main/java/org/apache/directory/shared/ldap/filter/FilterParserImpl.java
URL: http://svn.apache.org/viewvc/directory/trunks/shared/ldap/src/main/java/org/apache/directory/shared/ldap/filter/FilterParserImpl.java?view=diff&rev=493860&r1=493859&r2=493860
==============================================================================
--- directory/trunks/shared/ldap/src/main/java/org/apache/directory/shared/ldap/filter/FilterParserImpl.java (original)
+++ directory/trunks/shared/ldap/src/main/java/org/apache/directory/shared/ldap/filter/FilterParserImpl.java Sun Jan 7 14:05:55 2007
@@ -114,6 +114,24 @@
{
filter = StringTools.trimConsecutiveToOne( filter, '*' );
}
+
+ // check balanced parenthesis
+ int balanced = 0;
+ for(int i=0; i<filter.length(); i++)
+ {
+ if(filter.charAt( i ) == '(')
+ {
+ balanced++;
+ }
+ else if(filter.charAt( i ) == ')')
+ {
+ balanced--;
+ }
+ }
+ if(balanced != 0)
+ {
+ throw new ParseException( "Unbalanced parenthesis", 0 );
+ }
this.parserPipe.write( filter.getBytes() );
this.parserPipe.write( '\n' );
Modified: directory/trunks/shared/ldap/src/test/java/org/apache/directory/shared/ldap/aci/ACIItemParserTest.java
URL: http://svn.apache.org/viewvc/directory/trunks/shared/ldap/src/test/java/org/apache/directory/shared/ldap/aci/ACIItemParserTest.java?view=diff&rev=493860&r1=493859&r2=493860
==============================================================================
--- directory/trunks/shared/ldap/src/test/java/org/apache/directory/shared/ldap/aci/ACIItemParserTest.java (original)
+++ directory/trunks/shared/ldap/src/test/java/org/apache/directory/shared/ldap/aci/ACIItemParserTest.java Sun Jan 7 14:05:55 2007
@@ -57,10 +57,32 @@
/**
* Creates a ACIItemParserTest instance.
*/
- public ACIItemParserTest(String s)
+ public ACIItemParserTest( String s )
{
super( s );
parser = new ACIItemParser( null );
+ }
+
+
+ /**
+ * Tests the parser with a rangeOfValues with a nested filter.
+ */
+ public void testRangeOfValues() throws Exception
+ {
+ String spec = " { identificationTag \"id1\" , precedence 114 , authenticationLevel simple , "
+ + "itemOrUserFirst itemFirst :{ protectedItems "
+ + "{ rangeOfValues (&(&(|(|(cn=ccc)(!(cn=ddd))(&(cn=aaa)(cn=bbb)))))) " + "} , itemPermissions { } } }";
+
+ parser.parse( spec );
+
+
+ spec = " { identificationTag \"id8\", precedence 0, authenticationLevel simple "
+ + ", itemOrUserFirst userFirst: { userClasses { allUsers }, userPermissions { "
+ + " { protectedItems { rangeOfValues (& (cn=test) (sn=test) ) }, grantsAndDenials { grantAdd } }, "
+ + "{ protectedItems { rangeOfValues (| (! (cn=aaa) ) (sn=bbb) ) }, grantsAndDenials { grantAdd } } "
+ + " } } }";
+
+ parser.parse( spec );
}
Modified: directory/trunks/shared/ldap/src/test/java/org/apache/directory/shared/ldap/filter/FilterParserImplTest.java
URL: http://svn.apache.org/viewvc/directory/trunks/shared/ldap/src/test/java/org/apache/directory/shared/ldap/filter/FilterParserImplTest.java?view=diff&rev=493860&r1=493859&r2=493860
==============================================================================
--- directory/trunks/shared/ldap/src/test/java/org/apache/directory/shared/ldap/filter/FilterParserImplTest.java (original)
+++ directory/trunks/shared/ldap/src/test/java/org/apache/directory/shared/ldap/filter/FilterParserImplTest.java Sun Jan 7 14:05:55 2007
@@ -57,6 +57,55 @@
}
+ /**
+ * Tests to avoid deadlocks for invalid filters.
+ *
+ */
+ public void testInvalidFilters() throws IOException, ParseException
+ {
+ try
+ {
+ parser.parse( "(cn=)" );
+ fail( "Invalid filter '(cn=)'" );
+ }
+ catch ( Exception e )
+ {
+ // Expected, invalid filter
+ }
+
+ try
+ {
+ parser.parse( "(cn=test(" );
+ fail( "Invalid filter '(cn=test('" );
+ }
+ catch ( Exception e )
+ {
+ // Expected, invalid filter
+ }
+
+ try
+ {
+ parser.parse( "(cn=aaaaa" );
+ fail( "Invalid filter '(cn=aaaaa'" );
+ }
+ catch ( Exception e )
+ {
+ // Expected, invalid filter
+ }
+
+ try
+ {
+ parser.parse( "(&(cn=abc)" );
+ fail( "Invalid filter '(&(cn=abc)'" );
+ }
+ catch ( Exception e )
+ {
+ // Expected, invalid filter
+ }
+
+ }
+
+
public void testItemFilter() throws IOException, ParseException
{
SimpleNode node = ( SimpleNode ) parser.parse( "( ou ~= people )" );