diff options
Diffstat (limited to 'src/responder/ifp/ifpsrv_cmd.c')
-rw-r--r-- | src/responder/ifp/ifpsrv_cmd.c | 30 |
1 files changed, 28 insertions, 2 deletions
diff --git a/src/responder/ifp/ifpsrv_cmd.c b/src/responder/ifp/ifpsrv_cmd.c index 2fc4308b4..cd9ab4441 100644 --- a/src/responder/ifp/ifpsrv_cmd.c +++ b/src/responder/ifp/ifpsrv_cmd.c @@ -96,17 +96,43 @@ static errno_t ifp_user_get_attr_unpack_msg(struct ifp_attr_req *attr_req) { bool parsed; + char **attrs; + int nattrs; + int i, ai; + const char **whitelist = attr_req->ireq->ifp_ctx->user_whitelist; parsed = sbus_request_parse_or_finish(attr_req->ireq->dbus_req, DBUS_TYPE_STRING, &attr_req->name, DBUS_TYPE_ARRAY, DBUS_TYPE_STRING, - &attr_req->attrs, - &attr_req->nattrs, + &attrs, &nattrs, DBUS_TYPE_INVALID); if (parsed == false) { + DEBUG(SSSDBG_OP_FAILURE, "Could not parse arguments\n"); return EOK; /* handled */ } + /* Copy the attributes to maintain memory hierarchy with talloc */ + attr_req->attrs = talloc_zero_array(attr_req, const char *, nattrs+1); + if (attr_req->attrs == NULL) { + return ENOMEM; + } + + ai = 0; + for (i = 0; i < nattrs; i++) { + if (ifp_attr_allowed(whitelist, attrs[i]) == false) { + DEBUG(SSSDBG_MINOR_FAILURE, + "Attribute %s not present in the whitelist, skipping\n", + attrs[i]); + continue; + } + + attr_req->attrs[ai] = talloc_strdup(attr_req->attrs, attrs[i]); + if (attr_req->attrs[ai] == NULL) { + return ENOMEM; + } + ai++; + } + return EOK; } |