RESPONDER: Ensure that all input strings are valid UTF-8

author: Stephen Gallagher <sgallagh@redhat.com> 2011-11-18 12:28:55 -0500
committer: Stephen Gallagher <sgallagh@redhat.com> 2011-12-05 13:49:40 -0500
commit: 46dfa69060f22a443d4ad9d2bf34441ff1adf2d3 (patch)
tree: fe4e06ce69fb49cb6295b0b18bb3a07cb2fca81e /src/responder/pam
parent: 2476cbaad1a5a5ac36a02b7a5fddb33c5139b76a (diff)
download: sssd-46dfa69060f22a443d4ad9d2bf34441ff1adf2d3.tar.gz
sssd-46dfa69060f22a443d4ad9d2bf34441ff1adf2d3.tar.xz
sssd-46dfa69060f22a443d4ad9d2bf34441ff1adf2d3.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c
index 8035a6878..14e807e55 100644
--- a/src/responder/pam/pamsrv_cmd.c
+++ b/src/responder/pam/pamsrv_cmd.c
@@ -70,6 +70,11 @@ static int extract_string(char **var, size_t size, uint8_t *body, size_t blen,
 
     if (str[size-1]!='\0') return EINVAL;
 
+    /* If the string isn't valid UTF-8, fail */
+    if (!sss_utf8_check(str, size)) {
+        return EINVAL;
+    }
+
     *c += size;
 
     *var = (char *) str;
author	Stephen Gallagher <sgallagh@redhat.com>	2011-11-18 12:28:55 -0500
committer	Stephen Gallagher <sgallagh@redhat.com>	2011-12-05 13:49:40 -0500
commit	46dfa69060f22a443d4ad9d2bf34441ff1adf2d3 (patch)
tree	fe4e06ce69fb49cb6295b0b18bb3a07cb2fca81e /src/responder/pam
parent	2476cbaad1a5a5ac36a02b7a5fddb33c5139b76a (diff)
download	sssd-46dfa69060f22a443d4ad9d2bf34441ff1adf2d3.tar.gz sssd-46dfa69060f22a443d4ad9d2bf34441ff1adf2d3.tar.xz sssd-46dfa69060f22a443d4ad9d2bf34441ff1adf2d3.zip