authorJan Cholasta <jcholast@redhat.com>2012-02-13 10:10:40 -0500
committerStephen Gallagher <sgallagh@redhat.com>2012-02-13 11:46:55 -0500
commita39eeeee48e42a91009af5f5c516c9dab98f4261 (patch)
tree76d05da0a7521edba215a583a55804b852f91619 /src/responder
parent129310e872a0a70e721ba59363e518176ef406d6 (diff)
SSH: Verify that names received from client are valid UTF-8 in responder
Also added a comment describing the wire format of client requests and responses. https://fedorahosted.org/sssd/ticket/1177
Diffstat (limited to 'src/responder')
-rw-r--r--src/responder/ssh/sshsrv_cmd.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/src/responder/ssh/sshsrv_cmd.c b/src/responder/ssh/sshsrv_cmd.c
index eea151691..0a182f310 100644
--- a/src/responder/ssh/sshsrv_cmd.c
+++ b/src/responder/ssh/sshsrv_cmd.c
@@ -436,6 +436,10 @@ ssh_cmd_parse_request(struct ssh_cmd_ctx *cmd_ctx)
}
name = (char *)(body+c);
+ if (!sss_utf8_check((const uint8_t *)name, name_len-1)) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Supplied data is not valid UTF-8 string\n"));
+ return EINVAL;
+ }
if (strnlen(name, name_len) != name_len-1) {
return EINVAL;
}
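Review bot: The added `sss_utf8_check((const uint8_t *)name, name_len-1)` call computes `name_len-1` before anything visible in this hunk establishes that `name_len` is non-zero. If `name_len` is an unsigned type and a client can send 0, the length wraps and the validator would read far beyond the request body. The closing brace just above the hunk's first statement probably ends a length check, but that code is outside the hunk, so confirm it rejects a zero length and a length exceeding the remaining body, or add `if (name_len == 0) return EINVAL;` before the call. Consider also running the existing `strnlen(name, name_len) != name_len-1` framing test first, so content validation only sees a buffer whose terminator position is already confirmed. ssh_cmd_parse_request starts and ends outside the hunk.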