summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStephen Gallagher <sgallagh@redhat.com>2009-09-10 11:07:25 -0400
committerSimo Sorce <ssorce@redhat.com>2009-09-10 17:28:35 -0400
commitc80b4774c8358e8e9bb141ff28a5660224698a58 (patch)
tree52b605f2ff99dbfa119a9cf013edf1e00270478a
parent0ec9546099dc0fc9685188cbe12175f7bfd9a47c (diff)
downloadsssd-c80b4774c8358e8e9bb141ff28a5660224698a58.tar.gz
sssd-c80b4774c8358e8e9bb141ff28a5660224698a58.tar.xz
sssd-c80b4774c8358e8e9bb141ff28a5660224698a58.zip
Properly detect negative/invalid values for the minId and maxId
-rw-r--r--server/confdb/confdb.c59
1 files changed, 53 insertions, 6 deletions
diff --git a/server/confdb/confdb.c b/server/confdb/confdb.c
index 778345f..1ef2233 100644
--- a/server/confdb/confdb.c
+++ b/server/confdb/confdb.c
@@ -21,11 +21,13 @@
#define _GNU_SOURCE
+#include <ctype.h>
#include "config.h"
#include "util/util.h"
#include "confdb/confdb.h"
#include "confdb/confdb_private.h"
#include "util/btreemap.h"
+#include "util/strtonum.h"
#include "db/sysdb.h"
#define CONFDB_DOMAINS_PATH "config/domains"
@@ -673,6 +675,39 @@ int confdb_init(TALLOC_CTX *mem_ctx,
return EOK;
}
+static errno_t get_entry_as_uint32(struct ldb_message *msg,
+ uint32_t *return_value,
+ const char *entry,
+ uint32_t default_value)
+{
+ const char *tmp = NULL;
+ char *endptr;
+ uint32_t u32ret = 0;
+
+ tmp = ldb_msg_find_attr_as_string(msg, entry, NULL);
+ if (tmp == NULL) {
+ *return_value = default_value;
+ return EOK;
+ }
+
+ if ((*tmp == '-') || (*tmp == '\0')) {
+ return EINVAL;
+ }
+
+ u32ret = strtouint32 (tmp, &endptr, 10);
+ if (errno) {
+ return errno;
+ }
+
+ if (*endptr != '\0') {
+ /* Not all of the string was a valid number */
+ return EINVAL;
+ }
+
+ *return_value = u32ret;
+ return EOK;
+}
+
static int confdb_get_domain_internal(struct confdb_ctx *cdb,
TALLOC_CTX *mem_ctx,
const char *name,
@@ -780,12 +815,24 @@ static int confdb_get_domain_internal(struct confdb_ctx *cdb,
domain->fqnames = true;
}
- domain->id_min = ldb_msg_find_attr_as_uint(res->msgs[0],
- "minId", SSSD_MIN_ID);
- domain->id_max = ldb_msg_find_attr_as_uint(res->msgs[0],
- "maxId", 0);
- if ((domain->id_max && (domain->id_max < domain->id_min)) ||
- (domain->id_min < 0)){
+ ret = get_entry_as_uint32(res->msgs[0], &domain->id_min,
+ "minId", SSSD_MIN_ID);
+ if (ret != EOK) {
+ DEBUG(0, ("Invalid value for minId\n"));
+ ret = EINVAL;
+ goto done;
+ }
+
+ ret = get_entry_as_uint32(res->msgs[0], &domain->id_max,
+ "maxId", 0);
+ if (ret != EOK) {
+ DEBUG(0, ("Invalid value for maxId\n"));
+ ret = EINVAL;
+ goto done;
+ }
+
+ if (domain->id_max && (domain->id_max < domain->id_min)) {
+ DEBUG(0, ("Invalid domain range\n"));
ret = EINVAL;
goto done;
}