diff options
author | Stef Walter <stefw@redhat.com> | 2014-01-07 14:49:01 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-01-12 15:24:26 +0100 |
commit | c86904baad32fbf9e66bf1cdc667aa5e683b48ba (patch) | |
tree | f2582020bb75518f4f18942f0e555b2848eb1dd6 /src/tests/cmocka/test_fqnames.c | |
parent | b9d8c6172e48a2633ebe196b2e88bebdf9523c20 (diff) | |
download | sssd-c86904baad32fbf9e66bf1cdc667aa5e683b48ba.tar.gz sssd-c86904baad32fbf9e66bf1cdc667aa5e683b48ba.tar.xz sssd-c86904baad32fbf9e66bf1cdc667aa5e683b48ba.zip |
NSS: Don't use printf(3) on user provided strings.
This also fixes several corner cases and crashers.
It's not prudent to pass user input to (even admin) input as a
format string to printf, and various distros now check for this.
This can cause accessing memory incorrectly, and various also
various libc abort()'s.
In addition various assumptions were made about full_name_format
that aren't necessarily the case if the user uses a more complex
format.
Use safe-printf.c implementation for formatting full_name_format.
Adapt the NSS resolver so it doesn't barf on formatted strings that
are shorter than expected given a full_name_format.
Tests added and updated appropriately.
Diffstat (limited to 'src/tests/cmocka/test_fqnames.c')
-rw-r--r-- | src/tests/cmocka/test_fqnames.c | 21 |
1 files changed, 0 insertions, 21 deletions
diff --git a/src/tests/cmocka/test_fqnames.c b/src/tests/cmocka/test_fqnames.c index e0735083a..90f60c5be 100644 --- a/src/tests/cmocka/test_fqnames.c +++ b/src/tests/cmocka/test_fqnames.c @@ -76,7 +76,6 @@ void test_default(void **state) char *fqdn; const int fqdn_size = 255; char fqdn_s[fqdn_size]; - size_t domsize; if (test_ctx == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, ("Type mismatch\n")); @@ -87,7 +86,6 @@ void test_default(void **state) "(?P<name>[^@]+)@?(?P<domain>[^@]*$)", "%1$s@%2$s", &test_ctx->nctx); assert_int_equal(ret, EOK); - assert_int_equal(test_ctx->nctx->fq_flags, FQ_FMT_NAME | FQ_FMT_DOMAIN); fqdn = sss_tc_fqname(test_ctx, test_ctx->nctx, test_ctx->dom, NAME); assert_non_null(fqdn); @@ -98,9 +96,6 @@ void test_default(void **state) assert_int_equal(ret + 1, sizeof(NAME"@"DOMNAME)); assert_string_equal(fqdn_s, NAME"@"DOMNAME); - domsize = sss_fqdom_len(test_ctx->nctx, test_ctx->dom); - assert_int_equal(domsize, sizeof(DOMNAME)-1); - talloc_free(test_ctx->nctx); } @@ -113,7 +108,6 @@ void test_all(void **state) char *fqdn; const int fqdn_size = 255; char fqdn_s[fqdn_size]; - size_t domsize; if (test_ctx == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, ("Type mismatch\n")); @@ -124,8 +118,6 @@ void test_all(void **state) "(?P<name>[^@]+)@?(?P<domain>[^@]*$)", "%1$s@%2$s@%3$s", &test_ctx->nctx); assert_int_equal(ret, EOK); - assert_int_equal(test_ctx->nctx->fq_flags, - FQ_FMT_NAME | FQ_FMT_DOMAIN | FQ_FMT_FLAT_NAME); fqdn = sss_tc_fqname(test_ctx, test_ctx->nctx, test_ctx->dom, NAME); assert_non_null(fqdn); @@ -136,9 +128,6 @@ void test_all(void **state) assert_int_equal(ret + 1, sizeof(NAME"@"DOMNAME"@"FLATNAME)); assert_string_equal(fqdn_s, NAME"@"DOMNAME"@"FLATNAME); - domsize = sss_fqdom_len(test_ctx->nctx, test_ctx->dom); - assert_int_equal(domsize, sizeof(DOMNAME)-1 + sizeof(FLATNAME)-1); - talloc_free(test_ctx->nctx); } @@ -151,7 +140,6 @@ void test_flat(void **state) char *fqdn; const int fqdn_size = 255; char fqdn_s[fqdn_size]; - size_t domsize; if (test_ctx == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, ("Type mismatch\n")); @@ -162,7 +150,6 @@ void test_flat(void **state) "(?P<name>[^@]+)@?(?P<domain>[^@]*$)", "%1$s@%3$s", &test_ctx->nctx); assert_int_equal(ret, EOK); - assert_int_equal(test_ctx->nctx->fq_flags, FQ_FMT_NAME | FQ_FMT_FLAT_NAME); fqdn = sss_tc_fqname(test_ctx, test_ctx->nctx, test_ctx->dom, NAME); assert_non_null(fqdn); @@ -173,9 +160,6 @@ void test_flat(void **state) assert_int_equal(ret + 1, sizeof(NAME"@"FLATNAME)); assert_string_equal(fqdn_s, NAME"@"FLATNAME); - domsize = sss_fqdom_len(test_ctx->nctx, test_ctx->dom); - assert_int_equal(domsize, sizeof(FLATNAME)-1); - talloc_free(test_ctx->nctx); } @@ -188,7 +172,6 @@ void test_flat_fallback(void **state) char *fqdn; const int fqdn_size = 255; char fqdn_s[fqdn_size]; - size_t domsize; if (test_ctx == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, ("Type mismatch\n")); @@ -199,7 +182,6 @@ void test_flat_fallback(void **state) "(?P<name>[^@]+)@?(?P<domain>[^@]*$)", "%1$s@%3$s", &test_ctx->nctx); assert_int_equal(ret, EOK); - assert_int_equal(test_ctx->nctx->fq_flags, FQ_FMT_NAME | FQ_FMT_FLAT_NAME); test_ctx->dom->flat_name = NULL; @@ -215,9 +197,6 @@ void test_flat_fallback(void **state) assert_int_equal(ret + 1, sizeof(NAME"@"DOMNAME)); assert_string_equal(fqdn_s, NAME"@"DOMNAME); - domsize = sss_fqdom_len(test_ctx->nctx, test_ctx->dom); - assert_int_equal(domsize, sizeof(DOMNAME)-1); - talloc_free(test_ctx->nctx); } |