UTIL: Sanitize newline and carriage return characters.

Introducing valid usernames with a trailing newline character triggers the removal of valid LDB cache entries. Resolves: https://pagure.io/SSSD/sssd/issue/3317 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
author: Victor Tapia <victor.tapia@canonical.com> 2017-03-02 14:57:08 +0100
committer: Lukas Slebodnik <lslebodn@redhat.com> 2017-03-07 20:45:11 +0100
commit: ee2906c1d50ab8001863b0a423fe957d4e0bcb37 (patch)
tree: a9f5359bdfbd82d131f97be03deacfdc0925005b /src/util
parent: efd5c076fde0b07fde625a57b34a2d7c66a9c5dc (diff)
download: sssd-ee2906c1d50ab8001863b0a423fe957d4e0bcb37.tar.gz
sssd-ee2906c1d50ab8001863b0a423fe957d4e0bcb37.tar.xz
sssd-ee2906c1d50ab8001863b0a423fe957d4e0bcb37.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/src/util/util.c b/src/util/util.c
index 885f67e66..a528f0c02 100644
--- a/src/util/util.c
+++ b/src/util/util.c
@@ -589,6 +589,16 @@ errno_t sss_filter_sanitize_ex(TALLOC_CTX *mem_ctx,
             output[j++] = '5';
             output[j++] = 'c';
             break;
+        case '\r':
+            output[j++] = '\\';
+            output[j++] = '0';
+            output[j++] = 'd';
+            break;
+        case '\n':
+            output[j++] = '\\';
+            output[j++] = '0';
+            output[j++] = 'a';
+            break;
         default:
             output[j++] = input[i];
         }
author	Victor Tapia <victor.tapia@canonical.com>	2017-03-02 14:57:08 +0100
committer	Lukas Slebodnik <lslebodn@redhat.com>	2017-03-07 20:45:11 +0100
commit	ee2906c1d50ab8001863b0a423fe957d4e0bcb37 (patch)
tree	a9f5359bdfbd82d131f97be03deacfdc0925005b /src/util
parent	efd5c076fde0b07fde625a57b34a2d7c66a9c5dc (diff)
download	sssd-ee2906c1d50ab8001863b0a423fe957d4e0bcb37.tar.gz sssd-ee2906c1d50ab8001863b0a423fe957d4e0bcb37.tar.xz sssd-ee2906c1d50ab8001863b0a423fe957d4e0bcb37.zip