nss-pam-ldapd commit: r1694 - nss-pam-ldapd/nslcd
nss-pam-ldapd commit: r1694 - nss-pam-ldapd/nslcd
- From: Commits of the nss-pam-ldapd project <nss-pam-ldapd-commits [at] lists.arthurdejong.org>
- To: nss-pam-ldapd-commits [at] lists.arthurdejong.org
- Reply-to: nss-pam-ldapd-users [at] lists.arthurdejong.org
- Subject: nss-pam-ldapd commit: r1694 - nss-pam-ldapd/nslcd
- Date: Sun, 20 May 2012 21:53:57 +0200 (CEST)
Author: arthur
Date: Sun May 20 21:53:56 2012
New Revision: 1694
URL: http://arthurdejong.org/viewvc/nss-pam-ldapd?revision=1694&view=revision
Log:
implement extra range checking of all numeric values
Modified:
nss-pam-ldapd/nslcd/cfg.c
nss-pam-ldapd/nslcd/common.c
nss-pam-ldapd/nslcd/group.c
nss-pam-ldapd/nslcd/passwd.c
nss-pam-ldapd/nslcd/protocol.c
nss-pam-ldapd/nslcd/rpc.c
nss-pam-ldapd/nslcd/service.c
nss-pam-ldapd/nslcd/shadow.c
Modified: nss-pam-ldapd/nslcd/cfg.c
==============================================================================
--- nss-pam-ldapd/nslcd/cfg.c Fri May 18 16:21:48 2012 (r1693)
+++ nss-pam-ldapd/nslcd/cfg.c Sun May 20 21:53:56 2012 (r1694)
@@ -450,7 +450,7 @@
/* check if it is a valid numerical uid */
errno=0;
*var=strtouid(token,&tmp,10);
- if ((*token!='\0')&&(*tmp=='\0')&&(errno==0))
+ if ((*token!='\0')&&(*tmp=='\0')&&(errno==0)&&(strchr(token,'-')==NULL))
return;
/* find by name */
pwent=getpwnam(token);
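Review bot: The added `strchr(token,'-')==NULL` test in the numeric-uid branch carries no comment saying why a dash is rejected, and the reason is not obvious from the condition alone. Assuming strtouid maps onto the strtoul family (its definition is not in this hunk), a leading minus sign is accepted and the negated value is returned without errno being set, so a token like "-1" would otherwise be taken as a very large uid; I would add `/* strtoul-style parsers accept a leading '-' and wrap the value, so reject it explicitly */` above the `if`. The same comment is missing from the gid branch in the next hunk (@@ -476,7 +476,7 @@). Note also that `*var` is assigned before the check, so a rejected token leaves the wrapped value in `*var` unless the name-lookup path, which continues outside the hunk, overwrites it or fails.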
@@ -476,7 +476,7 @@
/* check if it is a valid numerical gid */
errno=0;
*var=strtogid(token,&tmp,10);
- if ((*token!='\0')&&(*tmp=='\0')&&(errno==0))
+ if ((*token!='\0')&&(*tmp=='\0')&&(errno==0)&&(strchr(token,'-')==NULL))
return;
/* find by name */
grent=getgrnam(token);
Modified: nss-pam-ldapd/nslcd/common.c
==============================================================================
--- nss-pam-ldapd/nslcd/common.c Fri May 18 16:21:48 2012 (r1693)
+++ nss-pam-ldapd/nslcd/common.c Sun May 20 21:53:56 2012 (r1694)
@@ -3,7 +3,7 @@
This file is part of the nss-pam-ldapd library.
Copyright (C) 2006 West Consulting
- Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Arthur de Jong
+ Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012 Arthur de Jong
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
@@ -285,7 +285,7 @@
errno=ERANGE;
return UINT_MAX;
}
- /* If errno was set by strtoull, we'll pass it back as-is */
+ /* If errno was set by strtoul, we'll pass it back as-is */
return (unsigned int)val;
}
#endif /* WANT_STRTOUI */
Modified: nss-pam-ldapd/nslcd/group.c
==============================================================================
--- nss-pam-ldapd/nslcd/group.c Fri May 18 16:21:48 2012 (r1693)
+++ nss-pam-ldapd/nslcd/group.c Sun May 20 21:53:56 2012 (r1694)
@@ -5,7 +5,7 @@
Copyright (C) 1997-2006 Luke Howard
Copyright (C) 2006 West Consulting
- Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Arthur de Jong
+ Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012 Arthur de Jong
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
@@ -288,9 +288,9 @@
myldap_get_dn(entry),attmap_group_gidNumber);
return 0;
}
- else if (errno!=0)
+ else if ((errno!=0)||(strchr(gidvalues[numgids],'-')!=NULL))
{
- log_log(LOG_WARNING,"%s: %s: too large",
+ log_log(LOG_WARNING,"%s: %s: out of range",
myldap_get_dn(entry),attmap_group_gidNumber);
return 0;
}
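Review bot: The `strchr(...,'-')!=NULL` sign test added to the `errno` branch here is repeated in the three passwd.c hunks (@@ -202, @@ -500, @@ -538) and in inverted form twice in cfg.c, so a later change to the rule has six places to miss. A small helper next to strtouid/strtogid in common.c that parses the value and rejects signed input would keep the rule in one place. The test is only sound because the preceding branch, which starts outside this hunk, appears to have already rejected trailing non-digits; that dependency deserves a one-line comment such as `/* value is fully numeric here, so a '-' can only be a leading sign */`.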
Modified: nss-pam-ldapd/nslcd/passwd.c
==============================================================================
--- nss-pam-ldapd/nslcd/passwd.c Fri May 18 16:21:48 2012 (r1693)
+++ nss-pam-ldapd/nslcd/passwd.c Sun May 20 21:53:56 2012 (r1694)
@@ -5,7 +5,7 @@
Copyright (C) 1997-2005 Luke Howard
Copyright (C) 2006 West Consulting
- Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Arthur de Jong
+ Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012 Arthur de Jong
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
@@ -202,9 +202,9 @@
myldap_get_dn(entry),attmap_passwd_uidNumber);
continue;
}
- else if (errno!=0)
+ else if ((errno!=0)||(strchr(values[i],'-')!=NULL))
{
- log_log(LOG_WARNING,"%s: %s: too large",
+ log_log(LOG_WARNING,"%s: %s: out of range",
myldap_get_dn(entry),attmap_passwd_uidNumber);
continue;
}
@@ -500,9 +500,9 @@
myldap_get_dn(entry),attmap_passwd_uidNumber);
return 0;
}
- else if (errno!=0)
+ else if ((errno!=0)||(strchr(tmpvalues[numuids],'-')!=NULL))
{
- log_log(LOG_WARNING,"%s: %s: too large",
+ log_log(LOG_WARNING,"%s: %s: out of range",
myldap_get_dn(entry),attmap_passwd_uidNumber);
return 0;
}
@@ -538,9 +538,9 @@
myldap_get_dn(entry),attmap_passwd_gidNumber);
return 0;
}
- else if (errno!=0)
+ else if ((errno!=0)||(strchr(gidbuf,'-')!=NULL))
{
- log_log(LOG_WARNING,"%s: %s: too large",
+ log_log(LOG_WARNING,"%s: %s: out of range",
myldap_get_dn(entry),attmap_passwd_gidNumber);
return 0;
}
Modified: nss-pam-ldapd/nslcd/protocol.c
==============================================================================
--- nss-pam-ldapd/nslcd/protocol.c Fri May 18 16:21:48 2012 (r1693)
+++ nss-pam-ldapd/nslcd/protocol.c Sun May 20 21:53:56 2012 (r1694)
@@ -5,7 +5,7 @@
Copyright (C) 1997-2005 Luke Howard
Copyright (C) 2006 West Consulting
- Copyright (C) 2006, 2007, 2009, 2010, 2011 Arthur de Jong
+ Copyright (C) 2006, 2007, 2009, 2010, 2011, 2012 Arthur de Jong
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
@@ -28,6 +28,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <stdint.h>
#include "common.h"
#include "log.h"
@@ -107,7 +108,7 @@
const char **aliases;
const char **protos;
char *tmp;
- int proto;
+ long proto;
int i;
/* get the most canonical name */
name=myldap_get_rdn_value(entry,attmap_protocol_cn);
@@ -144,16 +145,16 @@
myldap_get_dn(entry),attmap_protocol_ipProtocolNumber);
}
errno=0;
- proto=(int)strtol(protos[0],&tmp,10);
+ proto=strtol(protos[0],&tmp,10);
if ((*(protos[0])=='\0')||(*tmp!='\0'))
{
log_log(LOG_WARNING,"%s: %s: non-numeric",
myldap_get_dn(entry),attmap_protocol_ipProtocolNumber);
return 0;
}
- else if (errno!=0)
+ else if ((errno!=0)||(proto<0)||(proto>UINT8_MAX))
{
- log_log(LOG_WARNING,"%s: %s: too large",
+ log_log(LOG_WARNING,"%s: %s: out of range",
myldap_get_dn(entry),attmap_protocol_ipProtocolNumber);
return 0;
}
@@ -161,6 +162,7 @@
WRITE_INT32(fp,NSLCD_RESULT_BEGIN);
WRITE_STRING(fp,name);
WRITE_STRINGLIST_EXCEPT(fp,aliases,name);
+ /* proto number is actually an 8-bit value but we write 32 bits anyway */
WRITE_INT32(fp,proto);
return 0;
}
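Review bot: `WRITE_INT32(fp,proto)` now receives a `long`, since the declaration changed in the @@ -107,7 +108,7 @@ hunk, and the narrowing to 32 bits is left to the macro, whose definition is not on this page. The range check earlier in the function limits the value to 0..UINT8_MAX, so nothing is lost today, but `WRITE_INT32(fp,(int32_t)proto);` would make the conversion explicit and stay correct if the macro depends on the size or address of its argument. The same applies to `WRITE_INT32(fp,port)` in service.c (@@ -201,6 +202,7 @@). The function body starts outside this hunk.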
Modified: nss-pam-ldapd/nslcd/rpc.c
==============================================================================
--- nss-pam-ldapd/nslcd/rpc.c Fri May 18 16:21:48 2012 (r1693)
+++ nss-pam-ldapd/nslcd/rpc.c Sun May 20 21:53:56 2012 (r1694)
@@ -5,7 +5,7 @@
Copyright (C) 1997-2005 Luke Howard
Copyright (C) 2006 West Consulting
- Copyright (C) 2006, 2007, 2009, 2010, 2011 Arthur de Jong
+ Copyright (C) 2006, 2007, 2009, 2010, 2011, 2012 Arthur de Jong
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
@@ -28,6 +28,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <stdint.h>
#include "common.h"
#include "log.h"
@@ -108,7 +109,7 @@
const char **aliases;
const char **numbers;
char *tmp;
- int number;
+ long number;
int i;
/* get the most canonical name */
name=myldap_get_rdn_value(entry,attmap_rpc_cn);
@@ -145,16 +146,16 @@
myldap_get_dn(entry),attmap_rpc_oncRpcNumber);
}
errno=0;
- number=(int)strtol(numbers[0],&tmp,10);
+ number=strtol(numbers[0],&tmp,10);
if ((*(numbers[0])=='\0')||(*tmp!='\0'))
{
log_log(LOG_WARNING,"%s: %s: non-numeric",
myldap_get_dn(entry),attmap_rpc_oncRpcNumber);
return 0;
}
- else if (errno!=0)
+ else if ((errno!=0)||(number>UINT32_MAX))
{
- log_log(LOG_WARNING,"%s: %s: too large",
+ log_log(LOG_WARNING,"%s: %s: out of range",
myldap_get_dn(entry),attmap_rpc_oncRpcNumber);
return 0;
}
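Review bot: The new range test `(number>UINT32_MAX)` has no lower bound, so a negative oncRpcNumber parsed by strtol passes the check, unlike the protocol.c and service.c tests in this commit, which reject values below zero. I would change the condition to `else if ((errno!=0)||(number<0)||(number>UINT32_MAX))`. On platforms where `long` is 32 bits the upper comparison can never be true and strtol already reports ERANGE above LONG_MAX, so program numbers in the upper half of the 32-bit range would be logged as out of range; an unsigned parse with the dash rejection used elsewhere in this commit would avoid that if such numbers must be supported. The function continues outside the hunk.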
Modified: nss-pam-ldapd/nslcd/service.c
==============================================================================
--- nss-pam-ldapd/nslcd/service.c Fri May 18 16:21:48 2012 (r1693)
+++ nss-pam-ldapd/nslcd/service.c Sun May 20 21:53:56 2012 (r1694)
@@ -5,7 +5,7 @@
Copyright (C) 1997-2005 Luke Howard
Copyright (C) 2006 West Consulting
- Copyright (C) 2006, 2007, 2009, 2010, 2011 Arthur de Jong
+ Copyright (C) 2006, 2007, 2009, 2010, 2011, 2012 Arthur de Jong
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
@@ -28,6 +28,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <stdint.h>
#include "common.h"
#include "log.h"
@@ -136,7 +137,7 @@
const char **ports;
const char **protocols;
char *tmp;
- int port;
+ long port;
int i;
/* get the most canonical name */
name=myldap_get_rdn_value(entry,attmap_service_cn);
@@ -173,16 +174,16 @@
myldap_get_dn(entry),attmap_service_ipServicePort);
}
errno=0;
- port=(int)strtol(ports[0],&tmp,10);
+ port=strtol(ports[0],&tmp,10);
if ((*(ports[0])=='\0')||(*tmp!='\0'))
{
log_log(LOG_WARNING,"%s: %s: non-numeric value",
myldap_get_dn(entry),attmap_service_ipServicePort);
return 0;
}
- else if (errno!=0)
+ else if ((errno!=0)||(port<=0)||(port>UINT16_MAX))
{
- log_log(LOG_WARNING,"%s: %s: too large",
+ log_log(LOG_WARNING,"%s: %s: out of range",
myldap_get_dn(entry),attmap_service_ipServicePort);
return 0;
}
@@ -201,6 +202,7 @@
WRITE_INT32(fp,NSLCD_RESULT_BEGIN);
WRITE_STRING(fp,name);
WRITE_STRINGLIST_EXCEPT(fp,aliases,name);
+ /* port number is actually a 16-bit value but we write 32 bits anyway */
WRITE_INT32(fp,port);
WRITE_STRING(fp,protocols[i]);
}
Modified: nss-pam-ldapd/nslcd/shadow.c
==============================================================================
--- nss-pam-ldapd/nslcd/shadow.c Fri May 18 16:21:48 2012 (r1693)
+++ nss-pam-ldapd/nslcd/shadow.c Sun May 20 21:53:56 2012 (r1694)
@@ -5,7 +5,7 @@
Copyright (C) 1997-2005 Luke Howard
Copyright (C) 2006 West Consulting
- Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Arthur de Jong
+ Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012 Arthur de Jong
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
@@ -138,7 +138,7 @@
}
else if (errno!=0)
{
- log_log(LOG_WARNING,"%s: %s: too large",dn,attr);
+ log_log(LOG_WARNING,"%s: %s: out of range",dn,attr);
return -1;
}
return value/864-134774;
@@ -154,7 +154,7 @@
}
else if (errno!=0)
{
- log_log(LOG_WARNING,"%s: %s: too large",dn,attr);
+ log_log(LOG_WARNING,"%s: %s: out of range",dn,attr);
return -1;
}
return value;
@@ -178,7 +178,7 @@
} \
else if (errno!=0) \
{ \
- log_log(LOG_WARNING,"%s: %s: too large", \
+ log_log(LOG_WARNING,"%s: %s: out of range", \
myldap_get_dn(entry),attmap_shadow_##att); \
var=fallback; \
}