diff options
| author | Lukas Slebodnik <lslebodn@redhat.com> | 2016-07-01 22:27:24 +0200 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2016-07-06 17:27:30 +0200 |
| commit | 5d0d0f8067fb53285a38fe978cfa36dbeb53be9b (patch) | |
| tree | 5b433b934ea4d6505a705e164073b9d637217fa2 /src | |
| parent | c7c1941f9045531044121520fc2ca0e048732c25 (diff) | |
| download | sssd-5d0d0f8067fb53285a38fe978cfa36dbeb53be9b.tar.gz sssd-5d0d0f8067fb53285a38fe978cfa36dbeb53be9b.tar.xz sssd-5d0d0f8067fb53285a38fe978cfa36dbeb53be9b.zip | |
sysdb: Use ldb_result as output in sysdb_search_ts_{users,groups}
Passing address of unsigned to the output argument size_t causes
access out of boundaries for type unsigned and and wrong data
on big endian. It looks like functions sysdb_search_ts_{users,groups}
need to store results in structure ldb_result anyway for further processing.
Therefore it will be better to convert output arguments
size_t* + ldb_message*** into structure ldb_result and avoid using
additional helper variable with type size_t before each invocation
of these functions.
Reviewed-by: Sumit Bose <sbose@redhat.com>
Diffstat (limited to 'src')
| -rw-r--r-- | src/db/sysdb_ops.c | 46 | ||||
| -rw-r--r-- | src/db/sysdb_private.h | 6 | ||||
| -rw-r--r-- | src/db/sysdb_search.c | 6 | ||||
| -rw-r--r-- | src/tests/cmocka/test_sysdb_ts_cache.c | 33 |
4 files changed, 53 insertions, 38 deletions
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c index 9ee8f6fd9..34e8a5ef4 100644 --- a/src/db/sysdb_ops.c +++ b/src/db/sysdb_ops.c @@ -3440,15 +3440,30 @@ int sysdb_search_ts_users(TALLOC_CTX *mem_ctx, struct sss_domain_info *domain, const char *sub_filter, const char **attrs, - size_t *msgs_count, - struct ldb_message ***msgs) + struct ldb_result *res) { + size_t msgs_count; + struct ldb_message **msgs; + int ret; + + if (res == NULL) { + return EINVAL; + } + + ZERO_STRUCT(*res); + if (domain->sysdb->ldb_ts == NULL) { return ENOENT; } - return sysdb_cache_search_users(mem_ctx, domain, domain->sysdb->ldb_ts, - sub_filter, attrs, msgs_count, msgs); + ret = sysdb_cache_search_users(mem_ctx, domain, domain->sysdb->ldb_ts, + sub_filter, attrs, &msgs_count, &msgs); + if (ret == EOK) { + res->count = (unsigned)msgs_count; + res->msgs = msgs; + } + + return ret; } /* =Delete-User-by-Name-OR-uid============================================ */ @@ -3642,15 +3657,30 @@ int sysdb_search_ts_groups(TALLOC_CTX *mem_ctx, struct sss_domain_info *domain, const char *sub_filter, const char **attrs, - size_t *msgs_count, - struct ldb_message ***msgs) + struct ldb_result *res) { + size_t msgs_count; + struct ldb_message **msgs; + int ret; + + if (res == NULL) { + return EINVAL; + } + + ZERO_STRUCT(*res); + if (domain->sysdb->ldb_ts == NULL) { return ENOENT; } - return sysdb_cache_search_groups(mem_ctx, domain, domain->sysdb->ldb_ts, - sub_filter, attrs, msgs_count, msgs); + ret = sysdb_cache_search_groups(mem_ctx, domain, domain->sysdb->ldb_ts, + sub_filter, attrs, &msgs_count, &msgs); + if (ret == EOK) { + res->count = (unsigned)msgs_count; + res->msgs = msgs; + } + + return ret; } /* =Delete-Group-by-Name-OR-gid=========================================== */ diff --git a/src/db/sysdb_private.h b/src/db/sysdb_private.h index 6f6a19a74..fda33dc74 100644 --- a/src/db/sysdb_private.h +++ b/src/db/sysdb_private.h @@ -241,15 +241,13 @@ int sysdb_search_ts_users(TALLOC_CTX *mem_ctx, struct sss_domain_info *domain, const char *sub_filter, const char **attrs, - size_t *msgs_count, - struct ldb_message ***msgs); + struct ldb_result *res); int sysdb_search_ts_groups(TALLOC_CTX *mem_ctx, struct sss_domain_info *domain, const char *sub_filter, const char **attrs, - size_t *msgs_count, - struct ldb_message ***msgs); + struct ldb_result *res); /* Compares the modifyTimestamp attribute between old_entry and * new_entry. Returns true if they differ (or either entry is missing diff --git a/src/db/sysdb_search.c b/src/db/sysdb_search.c index 61b07acc9..ce30e61c3 100644 --- a/src/db/sysdb_search.c +++ b/src/db/sysdb_search.c @@ -592,10 +592,9 @@ int sysdb_enumpwent_filter(TALLOC_CTX *mem_ctx, } DEBUG(SSSDBG_TRACE_LIBS, "Searching timestamp cache with [%s]\n", ts_filter); - ZERO_STRUCT(ts_res); ret = sysdb_search_ts_users(tmp_ctx, domain, ts_filter, sysdb_ts_cache_attrs, - (size_t *) &ts_res.count, &ts_res.msgs); + &ts_res); if (ret != EOK && ret != ENOENT) { goto done; } @@ -1093,10 +1092,9 @@ int sysdb_enumgrent_filter(TALLOC_CTX *mem_ctx, } DEBUG(SSSDBG_TRACE_LIBS, "Searching timestamp cache with [%s]\n", ts_filter); - ZERO_STRUCT(ts_res); ret = sysdb_search_ts_groups(tmp_ctx, domain, ts_filter, sysdb_ts_cache_attrs, - (size_t *) &ts_res.count, &ts_res.msgs); + &ts_res); if (ret != EOK && ret != ENOENT) { goto done; } diff --git a/src/tests/cmocka/test_sysdb_ts_cache.c b/src/tests/cmocka/test_sysdb_ts_cache.c index c76dd1e8e..d54922996 100644 --- a/src/tests/cmocka/test_sysdb_ts_cache.c +++ b/src/tests/cmocka/test_sysdb_ts_cache.c @@ -522,8 +522,7 @@ static void test_sysdb_group_delete(void **state) test_ctx->tctx->dom, TS_FILTER_ALL, sysdb_ts_cache_attrs, - (size_t *) &ts_res->count, - &ts_res->msgs); + ts_res); assert_int_equal(ret, ENOENT); group_attrs = create_modstamp_attrs(test_ctx, TEST_MODSTAMP_1); @@ -542,8 +541,7 @@ static void test_sysdb_group_delete(void **state) test_ctx->tctx->dom, TS_FILTER_ALL, sysdb_ts_cache_attrs, - (size_t *) &ts_res->count, - &ts_res->msgs); + ts_res); assert_int_equal(ret, EOK); assert_int_equal(ts_res->count, 1); @@ -562,8 +560,7 @@ static void test_sysdb_group_delete(void **state) test_ctx->tctx->dom, TS_FILTER_ALL, sysdb_ts_cache_attrs, - (size_t *) &ts_res->count, - &ts_res->msgs); + ts_res); assert_int_equal(ret, ENOENT); res = sysdb_getgrnam_res(test_ctx, test_ctx->tctx->dom, TEST_GROUP_NAME); @@ -610,8 +607,7 @@ static void test_sysdb_group_rename(void **state) test_ctx->tctx->dom, filter, sysdb_ts_cache_attrs, - (size_t *) &ts_res->count, - &ts_res->msgs); + ts_res); assert_int_equal(ret, ENOENT); talloc_free(filter); @@ -866,9 +862,8 @@ static void test_group_bysid(void **state) const char *gr_fetch_attrs[] = SYSDB_GRSRC_ATTRS; struct sysdb_attrs *group_attrs = NULL; struct ldb_result *res; - size_t msgs_count; struct ldb_message *msg = NULL; - struct ldb_message **msgs = NULL; + struct ldb_result ts_res; group_attrs = create_sidstr_attrs(test_ctx, TEST_GROUP_SID); assert_non_null(group_attrs); @@ -931,8 +926,7 @@ static void test_group_bysid(void **state) test_ctx->tctx->dom, TS_FILTER_ALL, sysdb_ts_cache_attrs, - &msgs_count, - &msgs); + &ts_res); assert_int_equal(ret, ENOENT); } @@ -1062,8 +1056,7 @@ static void test_sysdb_user_delete(void **state) test_ctx->tctx->dom, TS_FILTER_ALL, sysdb_ts_cache_attrs, - (size_t *) &ts_res->count, - &ts_res->msgs); + ts_res); assert_int_equal(ret, ENOENT); user_attrs = create_modstamp_attrs(test_ctx, TEST_MODSTAMP_1); @@ -1085,8 +1078,7 @@ static void test_sysdb_user_delete(void **state) test_ctx->tctx->dom, TS_FILTER_ALL, sysdb_ts_cache_attrs, - (size_t *) &ts_res->count, - &ts_res->msgs); + ts_res); assert_int_equal(ret, EOK); assert_int_equal(ts_res->count, 1); @@ -1109,8 +1101,7 @@ static void test_sysdb_user_delete(void **state) test_ctx->tctx->dom, TS_FILTER_ALL, sysdb_ts_cache_attrs, - (size_t *) &ts_res->count, - &ts_res->msgs); + ts_res); assert_int_equal(ret, ENOENT); get_pw_timestamp_attrs(test_ctx, TEST_USER_NAME, @@ -1235,9 +1226,8 @@ static void test_user_bysid(void **state) const char *pw_fetch_attrs[] = SYSDB_PW_ATTRS; struct sysdb_attrs *user_attrs = NULL; struct ldb_result *res; - size_t msgs_count; struct ldb_message *msg = NULL; - struct ldb_message **msgs = NULL; + struct ldb_result ts_res; user_attrs = create_sidstr_attrs(test_ctx, TEST_USER_SID); assert_non_null(user_attrs); @@ -1298,8 +1288,7 @@ static void test_user_bysid(void **state) test_ctx->tctx->dom, TS_FILTER_ALL, sysdb_ts_cache_attrs, - &msgs_count, - &msgs); + &ts_res); assert_int_equal(ret, ENOENT); } |