diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2015-11-06 15:45:19 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-11-11 12:29:16 +0100 |
commit | 976721275abd6202749dbf4e0f9494c678d9fbf9 (patch) | |
tree | 8c44e01a3a6c5323b1315696f5ec9a4c0e48d9a5 | |
parent | 8c74c5ca31450cb9f022486ab6eda6cfd5dde49a (diff) | |
download | sssd-976721275abd6202749dbf4e0f9494c678d9fbf9.tar.gz sssd-976721275abd6202749dbf4e0f9494c678d9fbf9.tar.xz sssd-976721275abd6202749dbf4e0f9494c678d9fbf9.zip |
DP: Check callback messages for valid UTF-8
https://fedorahosted.org/sssd/ticket/2861
Messages passed from Data Provider to responder must be valid UTF-8
strings. Because providers might not be completely under our control,
we need to check if the messages we receive are valid UTF-8 and if they
are not, use a fallback.
-rw-r--r-- | src/providers/data_provider_be.c | 45 |
1 files changed, 29 insertions, 16 deletions
diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 5f299a720..562a15a2d 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -37,6 +37,7 @@ #include <security/pam_modules.h> #include "util/util.h" +#include "util/sss_utf8.h" #include "confdb/confdb.h" #include "db/sysdb.h" #include "sbus/sssd_dbus.h" @@ -132,6 +133,27 @@ static const char *dp_err_to_string(int dp_err_type) return "Unknown Error"; } +static const char *safe_be_req_err_msg(const char *msg_in, + int dp_err_type) +{ + bool ok; + + if (msg_in == NULL) { + /* No custom error, just use default */ + return dp_err_to_string(dp_err_type); + } + + ok = sss_utf8_check((const uint8_t *) msg_in, + strlen(msg_in)); + if (!ok) { + DEBUG(SSSDBG_MINOR_FAILURE, + "Back end message is invalid, using default\n"); + return dp_err_to_string(dp_err_type); + } + + return msg_in; +} + #define REQ_PHASE_ACCESS 0 #define REQ_PHASE_SELINUX 1 @@ -658,11 +680,7 @@ static void get_subdomains_callback(struct be_req *req, */ err_maj = dp_err_type; err_min = errnum; - if (errstr) { - err_msg = errstr; - } else { - err_msg = dp_err_to_string(dp_err_type); - } + err_msg = safe_be_req_err_msg(errstr, dp_err_type); sbus_request_return_and_finish(dbus_req, DBUS_TYPE_UINT16, &err_maj, @@ -797,11 +815,7 @@ static void acctinfo_callback(struct be_req *req, err_maj = dp_err_type; err_min = errnum; - if (errstr) { - err_msg = errstr; - } else { - err_msg = dp_err_to_string(dp_err_type); - } + err_msg = safe_be_req_err_msg(errstr, dp_err_type); sbus_request_return_and_finish(dbus_req, DBUS_TYPE_UINT16, &err_maj, @@ -1547,10 +1561,13 @@ static void be_sudo_handler_callback(struct be_req *req, int dp_ret, const char *errstr) { + const char *err_msg = NULL; struct sbus_request *dbus_req; + dbus_req = (struct sbus_request *)(req->pvt); - be_sudo_handler_reply(dbus_req, dp_err, dp_ret, errstr); + err_msg = safe_be_req_err_msg(errstr, dp_err); + be_sudo_handler_reply(dbus_req, dp_err, dp_ret, err_msg); talloc_free(req); } @@ -1891,11 +1908,7 @@ static void be_autofs_handler_callback(struct be_req *req, err_maj = dp_err_type; err_min = errnum; - if (errstr) { - err_msg = errstr; - } else { - err_msg = dp_err_to_string(dp_err_type); - } + err_msg = safe_be_req_err_msg(errstr, dp_err_type); sbus_request_return_and_finish(dbus_req, DBUS_TYPE_UINT16, &err_maj, |