authorStephen Gallagher <sgallagh@redhat.com>2010-11-12 09:36:56 -0500
committerStephen Gallagher <sgallagh@redhat.com>2010-11-15 09:52:35 -0500
commitbe434625437ff3dd4cce83a655226c67943e5ceb (patch)
tree74168cf7ac8e8f8a9f277abbbd6d9177e8aa9f17
parent4f5824cf9b80dede79a6eddbcbb48f4ac75e5de4 (diff)
Sanitize ldap attributes in the config file
https://fedorahosted.org/sssd/ticket/458
-rw-r--r--src/providers/ldap/sdap.c23
1 files changed, 21 insertions, 2 deletions
diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c
index 95b63d17c..047562f78 100644
--- a/src/providers/ldap/sdap.c
+++ b/src/providers/ldap/sdap.c
@@ -34,6 +34,7 @@ int sdap_get_map(TALLOC_CTX *memctx,
struct sdap_attr_map **_map)
{
struct sdap_attr_map *map;
+ char *name;
int i, ret;
map = talloc_array(memctx, struct sdap_attr_map, num_entries);
@@ -50,8 +51,26 @@ int sdap_get_map(TALLOC_CTX *memctx,
ret = confdb_get_string(cdb, map, conf_path,
map[i].opt_name,
map[i].def_name,
- &map[i].name);
- if ((ret != EOK) || (map[i].def_name && !map[i].name)) {
+ &name);
+ if (ret != EOK) {
+ DEBUG(0, ("Failed to retrieve value for %s\n", map[i].opt_name));
+ talloc_zfree(map);
+ return EINVAL;
+ }
+
+ if (name) {
+ ret = sss_filter_sanitize(map, name, &map[i].name);
+ if (ret != EOK) {
+ DEBUG(1, ("Could not sanitize attribute [%s]\n", name));
+ talloc_zfree(map);
+ return EINVAL;
+ }
+ talloc_zfree(name);
+ } else {
+ map[i].name = NULL;
+ }
+
+ if (map[i].def_name && !map[i].name) {
DEBUG(0, ("Failed to retrieve value for %s\n", map[i].opt_name));
if (ret != EOK) {
talloc_zfree(map);
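Review bot: The `if (ret != EOK)` left inside the final `if (map[i].def_name && !map[i].name)` block can no longer be true, because both new failure paths above return before control reaches it, so the `talloc_zfree(map)` under it is now dead code. If a missing mandatory attribute is meant to be fatal, that block should clean up unconditionally, e.g. `talloc_zfree(map); return EINVAL;`; the rest of the block lies outside the hunk, so what happens today when `ret` is EOK needs confirming. Separately, assuming sss_filter_sanitize escapes filter metacharacters as its name suggests, `map[i].name` now holds an escaped string. If that same name is also used as a requested attribute or compared against attribute names in results, rejecting a configured name that contains such characters would be safer than storing the escaped form, and a short comment such as `/* name is filter-escaped; do not use it unescaped-sensitive contexts without review */` at the assignment would record the assumption.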