author | Simo Sorce <ssorce@redhat.com> | 2009-11-19 19:28:36 -0500 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2009-11-20 11:18:50 -0500 |
commit | 55ab3a9b2dcbe809dece953605ab359c5e12a139 (patch) | |
tree | d608a987d14a7f267b6a9f2ebe73bf8660dab0cb | |
parent | 7c7de044bb08aa6b5c9f32c000c3b97a3c55ca31 (diff) | |
Correctly escape DN value.
In building the DN string we weren't correctly escaping the value of the RDN
component. This patch fixes that.
-rw-r--r-- | server/db/sysdb_ops.c | 48 |
1 files changed, 42 insertions, 6 deletions
diff --git a/server/db/sysdb_ops.c b/server/db/sysdb_ops.c
index 4a44f280a..da53fd3bb 100644
--- a/server/db/sysdb_ops.c
+++ b/server/db/sysdb_ops.c
@@ -2769,6 +2769,42 @@ int sysdb_store_user_recv(struct tevent_req *req)
 /* =Store-Group-(Native/Legacy)-(replaces-existing-data)================== */
+static char *build_dom_dn_str_escape(TALLOC_CTX *memctx, const char *template,
+ const char *domain, const char *name)
+{
+ char *ret;
+ int l;
+
+ l = strcspn(name, ",=\n+<>#;\\\"");
+ if (name[l] != '\0') {
+ struct ldb_val v;
+ char *tmp;
+
+ v.data = discard_const_p(uint8_t, name);
+ v.length = strlen(name);
+
+ tmp = ldb_dn_escape_value(memctx, v);
+ if (!tmp) {
+ return NULL;
+ }
+
+ ret = talloc_asprintf(memctx, template, tmp, domain);
+ talloc_zfree(tmp);
+ if (!ret) {
+ return NULL;
+ }
+
+ return ret;
+ }
+
+ ret = talloc_asprintf(memctx, template, name, domain);
+ if (!ret) {
+ return NULL;
+ }
+
+ return ret;
+}
+
 /* this function does not check that all user members are actually present */
 struct sysdb_store_group_state {
@@ -2873,9 +2909,9 @@ static void sysdb_store_group_check(struct tevent_req *subreq)
 for (i = 0; state->member_users && state->member_users[i]; i++) {
 char *member;
- member = talloc_asprintf(state, SYSDB_TMPL_USER,
- state->member_users[i],
- state->domain->name);
+ member = build_dom_dn_str_escape(state, SYSDB_TMPL_USER,
+ state->domain->name,
+ state->member_users[i]);
 if (!member) {
 DEBUG(4, ("Error: Out of memory\n"));
 tevent_req_error(req, ENOMEM);
@@ -2896,9 +2932,9 @@ static void sysdb_store_group_check(struct tevent_req *subreq)
 for (i = 0; state->member_groups && state->member_groups[i]; i++) {
 char *member;
- member = talloc_asprintf(state, SYSDB_TMPL_GROUP,
- state->member_groups[i],
- state->domain->name);
+ member = build_dom_dn_str_escape(state, SYSDB_TMPL_GROUP,
+ state->domain->name,
+ state->member_groups[i]);
 if (!member) {
 DEBUG(4, ("Error: Out of memory\n"));
 tevent_req_error(req, ENOMEM); |
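Review bot: The `strcspn` pre-check in `build_dom_dn_str_escape` keeps its own list of DN-special characters, so a character that `ldb_dn_escape_value` would escape but the list omits takes the fast path and reaches the DN unescaped. Calling `ldb_dn_escape_value` unconditionally and dropping the `if (name[l] != '\0')` branch leaves a single copy of the escaping policy, at the cost of one small allocation per member. `domain` is formatted into the same DN without escaping; that is presumably acceptable because it comes from configuration, but the assumption deserves a comment. The helper takes `(domain, name)` while the template consumes `(name, domain)` and both are `const char *`, so a swapped call compiles cleanly; a header comment such as `/* template must contain exactly two %s: escaped name first, then domain */` would document the contract.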
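Review bot: The two member loops in `sysdb_store_group_check` (the hunks at -2873 and -2896) are the only call sites moved to `build_dom_dn_str_escape`, so any other place that formats `SYSDB_TMPL_USER` or `SYSDB_TMPL_GROUP` with a raw name through `talloc_asprintf` would still build an unescaped RDN. None is visible in this diff, so the rest of the file is worth a search before the fix is treated as complete. The failure branch still logs `Error: Out of memory`, which stays accurate only while allocation failure is the sole reason the helper returns NULL. The body of `sysdb_store_group_check` starts and ends outside both hunks.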