From 46dfa69060f22a443d4ad9d2bf34441ff1adf2d3 Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgallagh@redhat.com>
Date: Fri, 18 Nov 2011 12:28:55 -0500
Subject: RESPONDER: Ensure that all input strings are valid UTF-8

---
 Makefile.am                             |  6 ++++--
 src/external/libunistring.m4            |  5 +++++
 src/responder/common/responder.h        |  2 ++
 src/responder/common/responder_common.c |  8 ++++++++
 src/responder/nss/nsssrv_cmd.c          | 21 +++++++++++++++++++++
 src/responder/nss/nsssrv_netgroup.c     |  7 +++++++
 src/responder/pam/pamsrv_cmd.c          |  5 +++++
 7 files changed, 52 insertions(+), 2 deletions(-)

diff --git a/Makefile.am b/Makefile.am
index c51d484fb..87def30b2 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -399,7 +399,8 @@ sssd_nss_SOURCES = \
     $(SSSD_RESPONDER_OBJ)
 sssd_nss_LDADD = \
     $(TDB_LIBS) \
-    $(SSSD_LIBS)
+    $(SSSD_LIBS) \
+    -lunistring
 
 sssd_pam_SOURCES = \
     src/responder/pam/pam_LOCAL_domain.c \
@@ -410,7 +411,8 @@ sssd_pam_SOURCES = \
     $(SSSD_RESPONDER_OBJ)
 sssd_pam_LDADD = \
     $(TDB_LIBS) \
-    $(SSSD_LIBS)
+    $(SSSD_LIBS) \
+    -lunistring
 
 sssd_be_SOURCES = \
     src/providers/data_provider_be.c \
diff --git a/src/external/libunistring.m4 b/src/external/libunistring.m4
index 69c54fe3f..18ea3e62a 100644
--- a/src/external/libunistring.m4
+++ b/src/external/libunistring.m4
@@ -6,4 +6,9 @@ AC_CHECK_HEADERS(unistr.h,
 AC_CHECK_HEADERS(unicase.h,
     [AC_CHECK_LIB([unistring], [u8_casecmp], [ UNISTRING_LIBS="-lunistring" ], [AC_MSG_ERROR([No usable libunistring library found])])],
     [AC_MSG_ERROR([libunistring header files are not installed])]
+)
+
+AC_CHECK_HEADERS(unistr.h,
+    [AC_CHECK_LIB([unistring], [u8_check], [ UNISTRING_LIBS="-lunistring" ], [AC_MSG_ERROR([No usable libunistring library found])])],
+    [AC_MSG_ERROR([libunistring header files are not installed])]
 )
\ No newline at end of file
diff --git a/src/responder/common/responder.h b/src/responder/common/responder.h
index 6b81aadac..29bfff06e 100644
--- a/src/responder/common/responder.h
+++ b/src/responder/common/responder.h
@@ -171,4 +171,6 @@ int sss_dp_send_acct_req(struct resp_ctx *rctx, TALLOC_CTX *callback_memctx,
                          bool fast_reply, int type,
                          const char *opt_name, uint32_t opt_id);
 
+bool sss_utf8_check(const uint8_t *s, size_t n);
+
 #endif /* __SSS_RESPONDER_H__ */
diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c
index 2a4a5d20c..5389031bc 100644
--- a/src/responder/common/responder_common.c
+++ b/src/responder/common/responder_common.c
@@ -33,6 +33,7 @@
 #include <sys/time.h>
 #include <errno.h>
 #include <popt.h>
+#include <unistr.h>
 #include "config.h"
 #include "util/util.h"
 #include "db/sysdb.h"
@@ -683,3 +684,10 @@ int sss_dp_get_domain_conn(struct resp_ctx *rctx, const char *domain,
     return EOK;
 }
 
+bool sss_utf8_check(const uint8_t *s, size_t n)
+{
+    if (u8_check(s, n) == NULL) {
+        return true;
+    }
+    return false;
+}
diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c
index 2aa7a9126..31a47210d 100644
--- a/src/responder/nss/nsssrv_cmd.c
+++ b/src/responder/nss/nsssrv_cmd.c
@@ -873,6 +873,13 @@ static int nss_cmd_getpwnam(struct cli_ctx *cctx)
         ret = EINVAL;
         goto done;
     }
+
+    /* If the body isn't valid UTF-8, fail */
+    if (!sss_utf8_check(body, blen)) {
+        ret = EINVAL;
+        goto done;
+    }
+
     rawname = (const char *)body;
 
     domname = NULL;
@@ -2140,6 +2147,13 @@ static int nss_cmd_getgrnam(struct cli_ctx *cctx)
         ret = EINVAL;
         goto done;
     }
+
+    /* If the body isn't valid UTF-8, fail */
+    if (!sss_utf8_check(body, blen)) {
+        ret = EINVAL;
+        goto done;
+    }
+
     rawname = (const char *)body;
 
     domname = NULL;
@@ -3180,6 +3194,13 @@ static int nss_cmd_initgroups(struct cli_ctx *cctx)
         ret = EINVAL;
         goto done;
     }
+
+    /* If the body isn't valid UTF-8, fail */
+    if (!sss_utf8_check(body, blen)) {
+        ret = EINVAL;
+        goto done;
+    }
+
     rawname = (const char *)body;
 
     domname = NULL;
diff --git a/src/responder/nss/nsssrv_netgroup.c b/src/responder/nss/nsssrv_netgroup.c
index dbee7f2de..ac586c960 100644
--- a/src/responder/nss/nsssrv_netgroup.c
+++ b/src/responder/nss/nsssrv_netgroup.c
@@ -113,6 +113,13 @@ int nss_cmd_setnetgrent(struct cli_ctx *client)
         ret = EINVAL;
         goto done;
     }
+
+    /* If the body isn't valid UTF-8, fail */
+    if (!sss_utf8_check(body, blen)) {
+        ret = EINVAL;
+        goto done;
+    }
+
     rawname = (const char *)body;
 
     req = setnetgrent_send(cmdctx, rawname, cmdctx);
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c
index 8035a6878..14e807e55 100644
--- a/src/responder/pam/pamsrv_cmd.c
+++ b/src/responder/pam/pamsrv_cmd.c
@@ -70,6 +70,11 @@ static int extract_string(char **var, size_t size, uint8_t *body, size_t blen,
 
     if (str[size-1]!='\0') return EINVAL;
 
+    /* If the string isn't valid UTF-8, fail */
+    if (!sss_utf8_check(str, size)) {
+        return EINVAL;
+    }
+
     *c += size;
 
     *var = (char *) str;
-- 
cgit