summaryrefslogtreecommitdiffstats
path: root/src/kadmin/v4server
diff options
context:
space:
mode:
authorKen Raeburn <raeburn@mit.edu>2000-07-01 00:51:58 +0000
committerKen Raeburn <raeburn@mit.edu>2000-07-01 00:51:58 +0000
commitb63a75c40310afc82e4af5372f92bec2e0a4c67e (patch)
tree21afaf6fefb69b3e9692ac78785e8023904713c1 /src/kadmin/v4server
parent7d348b141e39e286d544f0d72173a1a60f6ce434 (diff)
downloadkrb5-b63a75c40310afc82e4af5372f92bec2e0a4c67e.tar.gz
krb5-b63a75c40310afc82e4af5372f92bec2e0a4c67e.tar.xz
krb5-b63a75c40310afc82e4af5372f92bec2e0a4c67e.zip
pullup from 1.2-beta4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12497 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kadmin/v4server')
-rw-r--r--src/kadmin/v4server/ChangeLog27
-rw-r--r--src/kadmin/v4server/acl_files.c67
-rw-r--r--src/kadmin/v4server/admin_server.c4
-rw-r--r--src/kadmin/v4server/kadm_err.et1
-rw-r--r--src/kadmin/v4server/kadm_ser_wrap.c8
-rw-r--r--src/kadmin/v4server/kadm_server.c3
6 files changed, 94 insertions, 16 deletions
diff --git a/src/kadmin/v4server/ChangeLog b/src/kadmin/v4server/ChangeLog
index 936fcca9a..76b2bd49e 100644
--- a/src/kadmin/v4server/ChangeLog
+++ b/src/kadmin/v4server/ChangeLog
@@ -1,3 +1,30 @@
+2000-05-23 Ken Raeburn <raeburn@mit.edu>
+
+ * admin_server.c (main, case 'r'): Reject realm name that's too
+ long.
+
+ * acl_files.c (acl_load): Return error if name too long.
+
+ * kadm_err.et (KADM_REALM_TOO_LONG): New error code.
+ * kadm_ser_wrap.c (kadm_ser_init): Return it instead of truncating
+ a too-long realm name.
+
+2000-05-23 Nalin Dahyabhai <nalin@redhat.com>
+
+ * acl_files.c (acl_canonicalize_principal): If the principal name
+ would be too long, return a zero-length string to mark it as invalid.
+ (acl_load): Don't add the principal to the hash if it's invalid.
+ (acl_add): Don't check the principal if it's invalid.
+ (acl_delete): Don't try to delete the principal if it's invalid.
+
+ * kadm_ser_wrap.c (kadm_ser_init): Truncate "server_parm.krbrlm"
+ if "realm" is too long.
+
+2000-05-23 Tom Yu <tlyu@mit.edu>
+
+ * kadm_server.c (kadm_ser_cpw): Add new arg to call to
+ chpass_principal_util().
+
1999-10-26 Wilfredo Sanchez <tritan@mit.edu>
* Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
diff --git a/src/kadmin/v4server/acl_files.c b/src/kadmin/v4server/acl_files.c
index 22a0007de..3e3bbe6d9 100644
--- a/src/kadmin/v4server/acl_files.c
+++ b/src/kadmin/v4server/acl_files.c
@@ -69,7 +69,8 @@ void acl_canonicalize_principal(principal, canon)
char *principal;
char *canon;
{
- char *dot, *atsign, *end;
+ char *dot, *atsign, *end, *canon_save = canon;
+ char realm[REALM_SZ];
int len;
dot = strchr(principal, INST_SEP);
@@ -94,18 +95,33 @@ char *canon;
/* Get the principal name */
len = MIN(ANAME_SZ, COR(dot, COR(atsign, end)) - principal);
- strncpy(canon, principal, len);
- canon += len;
+ if(canon + len < canon_save + MAX_PRINCIPAL_SIZE) {
+ strncpy(canon, principal, len);
+ canon += len;
+ } else {
+ strcpy(canon, "");
+ return;
+ }
/* Add INST_SEP */
- *canon++ = INST_SEP;
+ if(canon + 1 < canon_save + MAX_PRINCIPAL_SIZE) {
+ *canon++ = INST_SEP;
+ } else {
+ strcpy(canon, "");
+ return;
+ }
/* Get the instance, if it exists */
if(dot != NULL) {
++dot;
len = MIN(INST_SZ, COR(atsign, end) - dot);
- strncpy(canon, dot, len);
- canon += len;
+ if(canon + len < canon_save + MAX_PRINCIPAL_SIZE) {
+ strncpy(canon, dot, len);
+ canon += len;
+ } else {
+ strcpy(canon, "");
+ return;
+ }
}
/* Add REALM_SEP */
@@ -116,11 +132,21 @@ char *canon;
if(atsign != NULL) {
++atsign;
len = MIN(REALM_SZ, end - atsign);
- strncpy(canon, atsign, len);
- canon += len;
- *canon++ = '\0';
- } else if(krb_get_lrealm(canon, 1) != KSUCCESS) {
- strcpy(canon, KRB_REALM);
+ if(canon + len + 1 < canon_save + MAX_PRINCIPAL_SIZE) {
+ strncpy(canon, atsign, len);
+ canon += len;
+ *canon++ = '\0';
+ } else {
+ strcpy(canon, "");
+ return;
+ }
+ } else if(krb_get_lrealm(realm, 1) != KSUCCESS) {
+ if(canon + strlen(realm) < canon_save + MAX_PRINCIPAL_SIZE) {
+ strcpy(canon, KRB_REALM);
+ } else {
+ strcpy(canon, "");
+ return;
+ }
}
}
@@ -399,7 +425,11 @@ char *name;
}
/* Set up the acl */
- strcpy(acl_cache[i].filename, name);
+ if (strlen (name) >= sizeof (acl_cache[i].filename) - 1) {
+ return -1;
+ }
+ strncpy(acl_cache[i].filename, name, sizeof(acl_cache[i].filename) - 1);
+ acl_cache[i].filename[sizeof(acl_cache[i].filename) - 1] = '\0';
if((acl_cache[i].fd = open(name, O_RDONLY, 0)) < 0) return(-1);
/* Force reload */
acl_cache[i].acl = (struct hashtbl *) 0;
@@ -426,7 +456,9 @@ char *name;
while(fgets(buf, sizeof(buf), f) != NULL) {
nuke_whitespace(buf);
acl_canonicalize_principal(buf, canon);
- add_hash(acl_cache[i].acl, canon);
+ if(strlen(canon) > 0) {
+ add_hash(acl_cache[i].acl, canon);
+ }
}
fclose(f);
acl_cache[i].status = s;
@@ -459,6 +491,9 @@ char *principal;
acl_canonicalize_principal(principal, canon);
+ /* Is it an invalid principal name? */
+ if(strlen(canon) == 0) return(0);
+
/* Is it there? */
if(acl_exact_match(acl, canon)) return(1);
@@ -489,6 +524,9 @@ char *principal;
acl_canonicalize_principal(principal, canon);
+ /* Is it an invalid principal name? */
+ if(strlen(canon) == 0) return(-1);
+
if((new = acl_lock_file(acl)) == NULL) return(-1);
if((acl_exact_match(acl, canon))
|| (idx = acl_load(acl)) < 0) {
@@ -523,6 +561,9 @@ char *principal;
acl_canonicalize_principal(principal, canon);
+ /* Is it an invalid principal name? */
+ if(strlen(canon) == 0) return(-1);
+
if((new = acl_lock_file(acl)) == NULL) return(-1);
if((!acl_exact_match(acl, canon))
|| (idx = acl_load(acl)) < 0) {
diff --git a/src/kadmin/v4server/admin_server.c b/src/kadmin/v4server/admin_server.c
index 90bf087c9..cd8742dea 100644
--- a/src/kadmin/v4server/admin_server.c
+++ b/src/kadmin/v4server/admin_server.c
@@ -149,6 +149,10 @@ char *argv[];
fascist_cpw = 0;
break;
case 'r':
+ if (strlen (optarg) + 1 > REALM_SZ) {
+ com_err(argv[0], 0, "realm name `%s' too long", optarg);
+ exit(1);
+ }
(void) strncpy(krbrlm, optarg, sizeof(krbrlm) - 1);
break;
case 'k':
diff --git a/src/kadmin/v4server/kadm_err.et b/src/kadmin/v4server/kadm_err.et
index a19273083..07ab9da4b 100644
--- a/src/kadmin/v4server/kadm_err.et
+++ b/src/kadmin/v4server/kadm_err.et
@@ -54,4 +54,5 @@ ec KADM_INSECURE_PW, "Insecure password rejected"
ec KADM_PW_MISMATCH, "Cleartext password and DES key did not match"
ec KADM_NOT_SERV_PRINC, "Invalid principal for change srvtab request"
+ec KADM_REALM_TOO_LONG, "Realm name too long"
end
diff --git a/src/kadmin/v4server/kadm_ser_wrap.c b/src/kadmin/v4server/kadm_ser_wrap.c
index bca814d07..42d27aa46 100644
--- a/src/kadmin/v4server/kadm_ser_wrap.c
+++ b/src/kadmin/v4server/kadm_ser_wrap.c
@@ -47,7 +47,7 @@ kadm_ser_init(inter, realm, params)
kadm_ser_init(inter, realm)
int inter; /* interactive or from file */
char realm[];
-#endif
+#endif
{
struct servent *sep;
struct hostent *hp;
@@ -64,7 +64,11 @@ kadm_ser_init(inter, realm)
(void) strcpy(server_parm.sname, PWSERV_NAME);
(void) strcpy(server_parm.sinst, KRB_MASTER);
- (void) strcpy(server_parm.krbrlm, realm);
+ if (strlen (realm) > REALM_SZ)
+ return KADM_REALM_TOO_LONG;
+ (void) strncpy(server_parm.krbrlm, realm, sizeof(server_parm.krbrlm)-1);
+ server_parm.krbrlm[sizeof(server_parm.krbrlm) - 1] = '\0';
+
if (krb5_425_conv_principal(kadm_context, server_parm.sname,
server_parm.sinst, server_parm.krbrlm,
&server_parm.sprinc))
diff --git a/src/kadmin/v4server/kadm_server.c b/src/kadmin/v4server/kadm_server.c
index 687259bf5..886620f31 100644
--- a/src/kadmin/v4server/kadm_server.c
+++ b/src/kadmin/v4server/kadm_server.c
@@ -309,7 +309,8 @@ int *outlen;
*msg_ret = '\0';
} else {
retval = kadm5_chpass_principal_util(kadm5_handle, user_princ,
- pword, NULL, msg_ret);
+ pword, NULL, msg_ret,
+ sizeof(msg_ret));
msg_ptr = msg_ret;
}
(void) krb5_free_principal(kadm_context, user_princ);
generated by cgit (git 2.34.1) at 2024-10-10 06:23:57 +0000