author | Lukas Slebodnik <lslebodn@redhat.com> | 2013-11-25 13:43:30 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-11-29 14:51:54 +0100 |
commit | fec7eabfc1be9350e1797fc79beaf4ca2f5c62e2 (patch) | |
tree | 641089708d8f54cf434ddffe0a421f2d4a498a22 /src/db | |
parent | c55ba1127071f7e6a622d8655d89726128d73981 (diff) | |
SYSDB: Sanitize filter before sysdb_search_groups
sysdb_delete_user fails with EIO if the user does not exist and the name
contains backslashes.
ldb could not parse the filter (&(objectclass=group)(ghost=usr\\\\001)),
because the ghost value was not sanitized.
Resolves:
https://fedorahosted.org/sssd/ticket/2163
Diffstat (limited to 'src/db')
-rw-r--r-- | src/db/sysdb_ops.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index 094c27b7f..eb88cd256 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -2539,6 +2539,7 @@ int sysdb_delete_user(struct sysdb_ctx *sysdb,
 struct ldb_message *msg;
 int ret;
 int i;
+ char *sanitized_name;
 
 tmp_ctx = talloc_new(NULL);
 if (!tmp_ctx) {
@@ -2578,7 +2579,13 @@ int sysdb_delete_user(struct sysdb_ctx *sysdb,
 }
 } else if (ret == ENOENT && name != NULL) {
 /* Perhaps a ghost user? */
- filter = talloc_asprintf(tmp_ctx, "(%s=%s)", SYSDB_GHOST, name);
+ ret = sss_filter_sanitize(tmp_ctx, name, &sanitized_name);
+ if (ret != EOK) {
+ goto fail;
+ }
+
+ filter = talloc_asprintf(tmp_ctx, "(%s=%s)",
+ SYSDB_GHOST, sanitized_name);
 if (filter == NULL) {
 ret = ENOMEM;
 goto fail; |
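Review bot: The second hunk escapes `name` before embedding it in the ghost filter but leaves no comment saying why, so a later cleanup could drop the step as redundant; a line such as `/* name is caller-supplied: escape filter metacharacters before building the ldb filter */` above the `sss_filter_sanitize` call would record the reason. The first hunk declares `char *sanitized_name;` uninitialized at function scope; `char *sanitized_name = NULL;` keeps any future path that reads it before the sanitize call well defined. Only this one call site is visible, and sysdb_delete_user continues outside both hunks, so it is worth confirming that other filters in this file built from a caller-supplied name with `talloc_asprintf` go through the same sanitizer.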