From 872f2d32d979a1dd2145667487f170fec8b5189a Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgallagh@redhat.com>
Date: Mon, 14 Nov 2011 11:31:37 -0500
Subject: RESPONDER: Ensure that all input strings are valid UTF-8

---
 src/responder/nss/nsssrv_cmd.c | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

(limited to 'src/responder/nss/nsssrv_cmd.c')

diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c
index 8f4cb4401..a37bd7664 100644
--- a/src/responder/nss/nsssrv_cmd.c
+++ b/src/responder/nss/nsssrv_cmd.c
@@ -873,6 +873,13 @@ static int nss_cmd_getpwnam(struct cli_ctx *cctx)
         ret = EINVAL;
         goto done;
     }
+
+    /* If the body isn't valid UTF-8, fail */
+    if (!sss_utf8_check(body, blen)) {
+        ret = EINVAL;
+        goto done;
+    }
+
     rawname = (const char *)body;
 
     domname = NULL;
@@ -2140,6 +2147,13 @@ static int nss_cmd_getgrnam(struct cli_ctx *cctx)
         ret = EINVAL;
         goto done;
     }
+
+    /* If the body isn't valid UTF-8, fail */
+    if (!sss_utf8_check(body, blen)) {
+        ret = EINVAL;
+        goto done;
+    }
+
     rawname = (const char *)body;
 
     domname = NULL;
@@ -3180,6 +3194,13 @@ static int nss_cmd_initgroups(struct cli_ctx *cctx)
         ret = EINVAL;
         goto done;
     }
+
+    /* If the body isn't valid UTF-8, fail */
+    if (!sss_utf8_check(body, blen)) {
+        ret = EINVAL;
+        goto done;
+    }
+
     rawname = (const char *)body;
 
     domname = NULL;
-- 
cgit