From a39eeeee48e42a91009af5f5c516c9dab98f4261 Mon Sep 17 00:00:00 2001
From: Jan Cholasta
Date: Mon, 13 Feb 2012 10:10:40 -0500
Subject: SSH: Verify that names received from client are valid UTF-8 in responder
Also added a comment describing the wire format of client requests and responses.
https://fedorahosted.org/sssd/ticket/1177
---
 src/responder/ssh/sshsrv_cmd.c | 4 ++++
 1 file changed, 4 insertions(+)
(limited to 'src/responder')
diff --git a/src/responder/ssh/sshsrv_cmd.c b/src/responder/ssh/sshsrv_cmd.c
index eea151691..0a182f310 100644
--- a/src/responder/ssh/sshsrv_cmd.c
+++ b/src/responder/ssh/sshsrv_cmd.c
@@ -436,6 +436,10 @@ ssh_cmd_parse_request(struct ssh_cmd_ctx *cmd_ctx)
 }
 name = (char *)(body+c);
+ if (!sss_utf8_check((const uint8_t *)name, name_len-1)) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Supplied data is not valid UTF-8 string\n"));
+ return EINVAL;
+ }
 if (strnlen(name, name_len) != name_len-1) {
 return EINVAL;
 }
-- cgit
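Review bot: The `name_len-1` passed to `sss_utf8_check` is only safe if an earlier guard has already rejected `name_len == 0` and any `name_len` larger than the bytes left in the request body. If `name_len` is unsigned and zero could reach this line, the length would wrap and the checker would scan far past the client buffer. The hunk shows only the closing brace of the preceding check, and `ssh_cmd_parse_request` starts and ends outside it, so that guard should be confirmed and recorded next to the call, e.g. `/* name_len >= 1 and <= remaining body length, checked above */`. The new failure path logs while the `strnlen` mismatch just below returns `EINVAL` silently, so a matching `DEBUG` there would make malformed requests equally visible. The subject speaks of "names" in the plural, so any other client-supplied string parsed later in this function presumably wants the same validation.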