-rw-r--r--services/samba/ldb.esp35
1 files changed, 31 insertions, 4 deletions
diff --git a/services/samba/ldb.esp b/services/samba/ldb.esp
index 1cd98adc3a..2654efe988 100644
--- a/services/samba/ldb.esp
+++ b/services/samba/ldb.esp
@@ -17,6 +17,34 @@ jsonrpc_include("resources.esp");
/**
+ * Local function to determine if the requested database is one which we allow
+ * access to.
+ *
+ * @param dbRequested
+ * Name of the database which is being requested to be opened
+ *
+ * @return
+ * true if access is allowed; false otherwise.
+ */
+function accessAllowed(dbRequested)
+{
+ /* Databases allowed to connect to */
+ dbAllowed = new Array();
+ dbAllowed[dbAllowed.length] = "sam.ldb";
+
+ for (var i = 0; i < dbAllowed.length; i++)
+ {
+ if (dbRequested == dbAllowed[i])
+ {
+ return true;
+ }
+ }
+
+ return false;
+}
+
+
+/**
* Connect to a database
*
* @param params[0]
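Review bot: In accessAllowed, `dbAllowed = new Array();` is assigned without `var`, so the allowlist lands in the script's global scope instead of staying local to the function; it should read `var dbAllowed = new Array();`. The match `dbRequested == dbAllowed[i]` is a loose comparison, and nothing visible here guarantees that params[0] is a string. If the interpreter coerces operands on `==`, a non-string argument might satisfy the check and then be handed to the open call in a different form, so rejecting non-string input before the loop would make the allowlist a firmer boundary. The docblock could also say that matching is exact and case-sensitive, since that is what keeps path components out now that the slash check is removed in the second hunk.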
@@ -52,11 +80,10 @@ function _connect(params, error)
return resourceId;
}
- /* Ensure there are no slashes in the database name */
- var components = split('/', params[0]);
- if (components.length > 1)
+ /* Ensure that the database name is one that is allowed to be opened */
+ if (! accessAllowed(params[0]))
{
- error.setError(1, "Invalid database name (contains '/')");
+ error.setError(-1, "Invalid or disallowed database name");
return error;
}
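Review bot: The rejection path in _connect now reports `error.setError(-1, ...)` where the removed line used code 1, and nothing in the hunk says why the sign changed; any client that keyed on the old code would stop recognising this failure, so either keep 1 or note the new value in the function's docblock. The new comment should also record that the allowlist replaces the old '/' check only because accessAllowed matches whole names, for example `/* Exact-match allowlist; also rejects any name containing a path separator */`, so a later change to prefix or pattern matching does not quietly reopen path traversal. _connect begins and continues outside this hunk, so whether params[0] is validated for presence and type before this point cannot be confirmed from here.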