summaryrefslogtreecommitdiff
path: root/source4/ntvfs/ipc
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2009-09-18 22:58:03 -0700
committerAndrew Tridgell <tridge@samba.org>2009-09-18 22:58:03 -0700
commit7c542406b192cd72c40778850d92771974d6466c (patch)
tree473d143f20fd665410569ae3af69b362ef9bc25a /source4/ntvfs/ipc
parente9a589feac531379e569bc39d803b16179002cfa (diff)
downloadsamba-7c542406b192cd72c40778850d92771974d6466c.tar.gz
samba-7c542406b192cd72c40778850d92771974d6466c.tar.bz2
samba-7c542406b192cd72c40778850d92771974d6466c.zip
s4-pipes: convert pipe names to lowercase and validate
clients may provide arbitrary names, but we only want lowercase alnum names
Diffstat (limited to 'source4/ntvfs/ipc')
-rw-r--r--source4/ntvfs/ipc/vfs_ipc.c19
1 files changed, 19 insertions, 0 deletions
diff --git a/source4/ntvfs/ipc/vfs_ipc.c b/source4/ntvfs/ipc/vfs_ipc.c
index 0cd909e351..3a27b8d7b0 100644
--- a/source4/ntvfs/ipc/vfs_ipc.c
+++ b/source4/ntvfs/ipc/vfs_ipc.c
@@ -39,6 +39,7 @@
#include "auth/credentials/credentials.h"
#include "auth/credentials/credentials_krb5.h"
#include <gssapi/gssapi.h>
+#include "system/locale.h"
/* this is the private structure used to keep the state of an open
ipc$ connection. It needs to keep information about all open
@@ -222,6 +223,18 @@ struct ipc_open_state {
static void ipc_open_done(struct tevent_req *subreq);
/*
+ check the pipename is valid
+ */
+static NTSTATUS validate_pipename(const char *name)
+{
+ while (*name) {
+ if (!isalnum(*name)) return NT_STATUS_INVALID_PARAMETER;
+ name++;
+ }
+ return NT_STATUS_OK;
+}
+
+/*
open a file - used for MSRPC pipes
*/
static NTSTATUS ipc_open(struct ntvfs_module_context *ntvfs,
@@ -275,6 +288,12 @@ static NTSTATUS ipc_open(struct ntvfs_module_context *ntvfs,
while (fname[0] == '\\') fname++;
+ /* check for valid characters in name */
+ fname = strlower_talloc(p, fname);
+
+ status = validate_pipename(fname);
+ NT_STATUS_NOT_OK_RETURN(status);
+
p->pipe_name = talloc_asprintf(p, "\\pipe\\%s", fname);
NT_STATUS_HAVE_NO_MEMORY(p->pipe_name);