diff options
| author | Jan Engelhardt <jengelh@inai.de> | 2013-02-21 13:12:25 +0100 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-02-26 17:16:58 +0100 |
| commit | 956309e24c32cd0886736bf065a27d5bdd200a77 (patch) | |
| tree | 4113b531aa9c3db1eef911a15d619e4a11aab2ab /src/providers/ldap/sdap.c | |
| parent | 24a913f47cc883903fbc71e180250da2530eba4a (diff) | |
| download | sssd-956309e24c32cd0886736bf065a27d5bdd200a77.tar.gz sssd-956309e24c32cd0886736bf065a27d5bdd200a77.tar.xz sssd-956309e24c32cd0886736bf065a27d5bdd200a77.zip | |
sysdb: try dealing with binary-content attributes
https://fedorahosted.org/sssd/ticket/1818
I have here a LDAP user entry which has this attribute
loginAllowedTimeMap::
AAAAAAAAAP///38AAP///38AAP///38AAP///38AAP///38AAAAAAAAA
In the function sysdb_attrs_add_string(), called from
sdap_attrs_add_ldap_attr(), strlen() is called on this blob, which is
the wrong thing to do. The result of strlen is then used to populate
the .v_length member of a struct ldb_val - and this will set it to
zero in this case. (There is also the problem that there may not be
a '\0' at all in the blob.)
Subsequently, .v_length being 0 makes ldb_modify(), called from
sysdb_set_entry_attr(), return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX. End
result is that users do not get stored in the sysdb, and programs like
`id` or `getent ...` show incomplete information.
The bug was encountered with sssd-1.8.5. sssd-1.5.11 seemed to behave
fine, but that may not mean that is the absolute lower boundary of
introduction of the problem.
Diffstat (limited to 'src/providers/ldap/sdap.c')
| -rw-r--r-- | src/providers/ldap/sdap.c | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c index 371121b2c..dba4e41db 100644 --- a/src/providers/ldap/sdap.c +++ b/src/providers/ldap/sdap.c @@ -343,7 +343,6 @@ errno_t sdap_parse_deref(TALLOC_CTX *mem_ctx, const char **ocs; struct sdap_attr_map *map; int num_attrs; - struct ldb_val v; int ret, i, a, mi; const char *name; size_t len; @@ -474,10 +473,9 @@ errno_t sdap_parse_deref(TALLOC_CTX *mem_ctx, for (i=0; dval->vals[i].bv_val; i++) { DEBUG(9, ("Dereferenced attribute value: %s\n", dval->vals[i].bv_val)); - v.data = (uint8_t *) dval->vals[i].bv_val; - v.length = dval->vals[i].bv_len; - - ret = sysdb_attrs_add_val(res[mi]->attrs, name, &v); + ret = sysdb_attrs_add_mem(res[mi]->attrs, name, + dval->vals[i].bv_val, + dval->vals[i].bv_len); if (ret) goto done; } } |