diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2012-05-08 13:37:14 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2012-05-10 11:34:46 -0400 |
commit | ca4b7b92738f3dd463914e3de5757cd98d37a983 (patch) | |
tree | b7b781eabeed9a096fca59df8d836418ac3a41b7 | |
parent | e2a59ba258ab98a6f50a1af627bc4cdceaa59101 (diff) | |
download | sssd-ca4b7b92738f3dd463914e3de5757cd98d37a983.tar.gz sssd-ca4b7b92738f3dd463914e3de5757cd98d37a983.tar.bz2 sssd-ca4b7b92738f3dd463914e3de5757cd98d37a983.zip |
LDAP: Add attr_count return value to build_attrs_from_map()
This is necessary because in several places in the code, we are
appending to the attrs returned from this value, and if we relied
on the map size macro, we would be appending after the NULL
terminator if one or more attributes were defined as NULL.
-rw-r--r-- | src/providers/ipa/ipa_hosts.c | 5 | ||||
-rw-r--r-- | src/providers/ipa/ipa_id.c | 2 | ||||
-rw-r--r-- | src/providers/ipa/ipa_netgroups.c | 2 | ||||
-rw-r--r-- | src/providers/ipa/ipa_selinux_maps.c | 2 | ||||
-rw-r--r-- | src/providers/ipa/ipa_subdomains_id.c | 4 | ||||
-rw-r--r-- | src/providers/ldap/ldap_common.c | 5 | ||||
-rw-r--r-- | src/providers/ldap/ldap_id.c | 6 | ||||
-rw-r--r-- | src/providers/ldap/ldap_id_enum.c | 4 | ||||
-rw-r--r-- | src/providers/ldap/ldap_id_netgroup.c | 2 | ||||
-rw-r--r-- | src/providers/ldap/ldap_id_services.c | 2 | ||||
-rw-r--r-- | src/providers/ldap/sdap.c | 31 | ||||
-rw-r--r-- | src/providers/ldap/sdap.h | 4 | ||||
-rw-r--r-- | src/providers/ldap/sdap_async_autofs.c | 4 | ||||
-rw-r--r-- | src/providers/ldap/sdap_async_groups.c | 14 | ||||
-rw-r--r-- | src/providers/ldap/sdap_async_initgroups.c | 10 | ||||
-rw-r--r-- | src/providers/ldap/sdap_async_services.c | 2 | ||||
-rw-r--r-- | src/providers/ldap/sdap_sudo.c | 2 |
17 files changed, 62 insertions, 39 deletions
diff --git a/src/providers/ipa/ipa_hosts.c b/src/providers/ipa/ipa_hosts.c index 30013864..09a5acaf 100644 --- a/src/providers/ipa/ipa_hosts.c +++ b/src/providers/ipa/ipa_hosts.c @@ -102,7 +102,8 @@ ipa_host_info_send(TALLOC_CTX *mem_ctx, state->host_map = host_map; state->hostgroup_map = hostgroup_map; - ret = build_attrs_from_map(state, host_map, IPA_OPTS_HOST, &state->attrs); + ret = build_attrs_from_map(state, host_map, IPA_OPTS_HOST, + &state->attrs, NULL); if (ret != EOK) { goto immediate; } @@ -213,7 +214,7 @@ ipa_host_info_done(struct tevent_req *subreq) if (state->hostgroup_map) { talloc_free(state->attrs); ret = build_attrs_from_map(state, state->hostgroup_map, - IPA_OPTS_HOSTGROUP, &state->attrs); + IPA_OPTS_HOSTGROUP, &state->attrs, NULL); if (ret != EOK) { tevent_req_error(req, ret); return; diff --git a/src/providers/ipa/ipa_id.c b/src/providers/ipa/ipa_id.c index f2a27c74..1f434799 100644 --- a/src/providers/ipa/ipa_id.c +++ b/src/providers/ipa/ipa_id.c @@ -212,7 +212,7 @@ struct tevent_req *ipa_netgroup_get_send(TALLOC_CTX *memctx, talloc_zfree(clean_name); ret = build_attrs_from_map(state, ctx->opts->netgroup_map, - IPA_OPTS_NETGROUP, &state->attrs); + IPA_OPTS_NETGROUP, &state->attrs, NULL); if (ret != EOK) goto fail; ret = ipa_netgroup_get_retry(req); diff --git a/src/providers/ipa/ipa_netgroups.c b/src/providers/ipa/ipa_netgroups.c index 3aedf531..881eeb86 100644 --- a/src/providers/ipa/ipa_netgroups.c +++ b/src/providers/ipa/ipa_netgroups.c @@ -528,7 +528,7 @@ static int ipa_netgr_fetch_hosts(struct ipa_get_netgroups_state *state, return ENOMEM; ret = build_attrs_from_map(state, state->ipa_opts->host_map, - IPA_OPTS_HOST, &attrs); + IPA_OPTS_HOST, &attrs, NULL); if (ret != EOK) { talloc_free(filter); return ret; diff --git a/src/providers/ipa/ipa_selinux_maps.c b/src/providers/ipa/ipa_selinux_maps.c index 711274b1..28923cee 100644 --- a/src/providers/ipa/ipa_selinux_maps.c +++ b/src/providers/ipa/ipa_selinux_maps.c @@ -77,7 +77,7 @@ struct tevent_req *ipa_selinux_get_maps_send(TALLOC_CTX *mem_ctx, state->maps = NULL; ret = build_attrs_from_map(state, ipa_opts->selinuxuser_map, - IPA_OPTS_SELINUX_USERMAP, &state->attrs); + IPA_OPTS_SELINUX_USERMAP, &state->attrs, NULL); if (ret != EOK) goto fail; state->cur_filter = NULL; diff --git a/src/providers/ipa/ipa_subdomains_id.c b/src/providers/ipa/ipa_subdomains_id.c index a4558e68..39f076cd 100644 --- a/src/providers/ipa/ipa_subdomains_id.c +++ b/src/providers/ipa/ipa_subdomains_id.c @@ -89,11 +89,11 @@ struct tevent_req *ipa_get_subdomain_account_info_send(TALLOC_CTX *memctx, switch (state->entry_type) { case BE_REQ_USER: ret = build_attrs_from_map(state, ctx->opts->user_map, - SDAP_OPTS_USER, &state->attrs); + SDAP_OPTS_USER, &state->attrs, NULL); break; case BE_REQ_GROUP: ret = build_attrs_from_map(state, ctx->opts->group_map, - SDAP_OPTS_GROUP, &state->attrs); + SDAP_OPTS_GROUP, &state->attrs, NULL); break; default: ret = EINVAL; diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c index 8e117d26..dd782815 100644 --- a/src/providers/ldap/ldap_common.c +++ b/src/providers/ldap/ldap_common.c @@ -1303,14 +1303,11 @@ errno_t list_missing_attrs(TALLOC_CTX *mem_ctx, return ENOMEM; } - ret = build_attrs_from_map(tmp_ctx, map, map_size, &expected_attrs); + ret = build_attrs_from_map(tmp_ctx, map, map_size, &expected_attrs, &attr_count); if (ret != EOK) { goto done; } - /* Count the expected attrs */ - while(expected_attrs[attr_count]) attr_count++; - /* Allocate the maximum possible values for missing_attrs, to * be on the safe side */ diff --git a/src/providers/ldap/ldap_id.c b/src/providers/ldap/ldap_id.c index 18635869..bdd640a9 100644 --- a/src/providers/ldap/ldap_id.c +++ b/src/providers/ldap/ldap_id.c @@ -152,7 +152,7 @@ struct tevent_req *users_get_send(TALLOC_CTX *memctx, /* TODO: handle attrs_type */ ret = build_attrs_from_map(state, ctx->opts->user_map, - SDAP_OPTS_USER, &state->attrs); + SDAP_OPTS_USER, &state->attrs, NULL); if (ret != EOK) goto fail; ret = users_get_retry(req); @@ -440,7 +440,7 @@ struct tevent_req *groups_get_send(TALLOC_CTX *memctx, /* TODO: handle attrs_type */ ret = build_attrs_from_map(state, ctx->opts->group_map, - SDAP_OPTS_GROUP, &state->attrs); + SDAP_OPTS_GROUP, &state->attrs, NULL); if (ret != EOK) goto fail; ret = groups_get_retry(req); @@ -632,7 +632,7 @@ static struct tevent_req *groups_by_user_send(TALLOC_CTX *memctx, state->name = name; ret = build_attrs_from_map(state, ctx->opts->group_map, - SDAP_OPTS_GROUP, &state->attrs); + SDAP_OPTS_GROUP, &state->attrs, NULL); if (ret != EOK) goto fail; ret = groups_by_user_retry(req); diff --git a/src/providers/ldap/ldap_id_enum.c b/src/providers/ldap/ldap_id_enum.c index ef8f6913..107ab23f 100644 --- a/src/providers/ldap/ldap_id_enum.c +++ b/src/providers/ldap/ldap_id_enum.c @@ -558,7 +558,7 @@ static struct tevent_req *enum_users_send(TALLOC_CTX *memctx, /* TODO: handle attrs_type */ ret = build_attrs_from_map(state, ctx->opts->user_map, - SDAP_OPTS_USER, &state->attrs); + SDAP_OPTS_USER, &state->attrs, NULL); if (ret != EOK) goto fail; /* TODO: restrict the enumerations to using a single @@ -717,7 +717,7 @@ static struct tevent_req *enum_groups_send(TALLOC_CTX *memctx, /* TODO: handle attrs_type */ ret = build_attrs_from_map(state, ctx->opts->group_map, - SDAP_OPTS_GROUP, &state->attrs); + SDAP_OPTS_GROUP, &state->attrs, NULL); if (ret != EOK) goto fail; /* TODO: restrict the enumerations to using a single diff --git a/src/providers/ldap/ldap_id_netgroup.c b/src/providers/ldap/ldap_id_netgroup.c index 2432f9c4..7fe7543f 100644 --- a/src/providers/ldap/ldap_id_netgroup.c +++ b/src/providers/ldap/ldap_id_netgroup.c @@ -99,7 +99,7 @@ struct tevent_req *ldap_netgroup_get_send(TALLOC_CTX *memctx, talloc_zfree(clean_name); ret = build_attrs_from_map(state, ctx->opts->netgroup_map, - SDAP_OPTS_NETGROUP, &state->attrs); + SDAP_OPTS_NETGROUP, &state->attrs, NULL); if (ret != EOK) goto fail; ret = ldap_netgroup_get_retry(req); diff --git a/src/providers/ldap/ldap_id_services.c b/src/providers/ldap/ldap_id_services.c index c1ee28e0..16d696af 100644 --- a/src/providers/ldap/ldap_id_services.c +++ b/src/providers/ldap/ldap_id_services.c @@ -135,7 +135,7 @@ services_get_send(TALLOC_CTX *mem_ctx, state->filter)); ret = build_attrs_from_map(state, id_ctx->opts->service_map, - SDAP_OPTS_SERVICES, &state->attrs); + SDAP_OPTS_SERVICES, &state->attrs, NULL); if (ret != EOK) goto error; ret = services_get_retry(req); diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c index 616e7cba..e4d3aa9b 100644 --- a/src/providers/ldap/sdap.c +++ b/src/providers/ldap/sdap.c @@ -999,13 +999,22 @@ void sdap_steal_server_opts(struct sdap_id_ctx *id_ctx, int build_attrs_from_map(TALLOC_CTX *memctx, struct sdap_attr_map *map, - size_t size, const char ***_attrs) + size_t size, + const char ***_attrs, + size_t *attr_count) { + errno_t ret; const char **attrs; int i, j; + TALLOC_CTX *tmp_ctx = talloc_new(NULL); + if (!tmp_ctx) return ENOMEM; - attrs = talloc_array(memctx, const char *, size + 1); - if (!attrs) return ENOMEM; + /* Assume that all entries in the map have values */ + attrs = talloc_zero_array(tmp_ctx, const char *, size + 1); + if (!attrs) { + ret = ENOMEM; + goto done; + } /* first attribute is "objectclass" not the specifc one */ attrs[0] = talloc_strdup(memctx, "objectClass"); @@ -1020,9 +1029,21 @@ int build_attrs_from_map(TALLOC_CTX *memctx, } attrs[j] = NULL; - *_attrs = attrs; + /* Trim down the used memory if some attributes were NULL */ + attrs = talloc_realloc(tmp_ctx, attrs, const char *, j + 1); + if (!attrs) { + ret = ENOMEM; + goto done; + } - return EOK; + *_attrs = talloc_steal(memctx, attrs); + if (attr_count) *attr_count = j; + + ret = EOK; + +done: + talloc_free(tmp_ctx); + return ret; } int sdap_control_create(struct sdap_handle *sh, const char *oid, int iscritical, diff --git a/src/providers/ldap/sdap.h b/src/providers/ldap/sdap.h index ba19cbab..61f899f3 100644 --- a/src/providers/ldap/sdap.h +++ b/src/providers/ldap/sdap.h @@ -453,7 +453,9 @@ bool sdap_check_sup_list(struct sup_list *l, const char *val); int build_attrs_from_map(TALLOC_CTX *memctx, struct sdap_attr_map *map, - size_t size, const char ***_attrs); + size_t size, + const char ***_attrs, + size_t *attr_count); int sdap_control_create(struct sdap_handle *sh, const char *oid, int iscritical, struct berval *value, int dupval, LDAPControl **ctrlp); diff --git a/src/providers/ldap/sdap_async_autofs.c b/src/providers/ldap/sdap_async_autofs.c index 528e8b73..3140596e 100644 --- a/src/providers/ldap/sdap_async_autofs.c +++ b/src/providers/ldap/sdap_async_autofs.c @@ -242,7 +242,7 @@ automntmaps_process_members_send(TALLOC_CTX *mem_ctx, } ret = build_attrs_from_map(state, opts->autofs_entry_map, - SDAP_OPTS_AUTOFS_ENTRY, &state->attrs); + SDAP_OPTS_AUTOFS_ENTRY, &state->attrs, NULL); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to build attributes from map\n")); ret = ENOMEM; @@ -674,7 +674,7 @@ sdap_autofs_setautomntent_send(TALLOC_CTX *memctx, talloc_free(clean_mapname); ret = build_attrs_from_map(state, state->opts->autofs_mobject_map, - SDAP_OPTS_AUTOFS_MAP, &state->attrs); + SDAP_OPTS_AUTOFS_MAP, &state->attrs, NULL); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to build attributes from map\n")); ret = ENOMEM; diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c index 54fe5a7a..fb6a85e2 100644 --- a/src/providers/ldap/sdap_async_groups.c +++ b/src/providers/ldap/sdap_async_groups.c @@ -600,7 +600,8 @@ struct tevent_req *sdap_process_group_send(TALLOC_CTX *memctx, struct sdap_process_group_state); if (!req) return NULL; - ret = build_attrs_from_map(grp_state, opts->user_map, SDAP_OPTS_USER, &attrs); + ret = build_attrs_from_map(grp_state, opts->user_map, SDAP_OPTS_USER, + &attrs, NULL); if (ret) { goto done; } @@ -2367,6 +2368,7 @@ sdap_nested_group_process_deref_call(struct tevent_req *req) const char **sdap_attrs; int ret; int timeout; + size_t attr_count; const int num_maps = 2; struct sdap_nested_group_ctx *state = tevent_req_data(req, struct sdap_nested_group_ctx); @@ -2383,19 +2385,19 @@ sdap_nested_group_process_deref_call(struct tevent_req *req) /* Pull down the whole group map, but only pull down username * and originalDN for users. */ ret = build_attrs_from_map(state, state->opts->group_map, - SDAP_OPTS_GROUP, &sdap_attrs); + SDAP_OPTS_GROUP, &sdap_attrs, &attr_count); if (ret != EOK) goto fail; sdap_attrs = talloc_realloc(NULL, sdap_attrs, const char *, - SDAP_OPTS_GROUP + 2); + attr_count + 2); if (!sdap_attrs) { ret = ENOMEM; goto fail; } - sdap_attrs[SDAP_OPTS_GROUP] = \ + sdap_attrs[attr_count] = \ state->opts->user_map[SDAP_AT_USER_NAME].name; - sdap_attrs[SDAP_OPTS_GROUP + 1] = NULL; + sdap_attrs[attr_count + 1] = NULL; timeout = dp_opt_get_int(state->opts->basic, SDAP_SEARCH_TIMEOUT); @@ -2588,7 +2590,7 @@ static errno_t sdap_nested_group_lookup_group(struct tevent_req *req) } ret = build_attrs_from_map(state, state->opts->group_map, - SDAP_OPTS_GROUP, &sdap_attrs); + SDAP_OPTS_GROUP, &sdap_attrs, NULL); if (ret != EOK) { return ret; } diff --git a/src/providers/ldap/sdap_async_initgroups.c b/src/providers/ldap/sdap_async_initgroups.c index 8ca73878..b883ccf9 100644 --- a/src/providers/ldap/sdap_async_initgroups.c +++ b/src/providers/ldap/sdap_async_initgroups.c @@ -354,7 +354,7 @@ struct tevent_req *sdap_initgr_rfc2307_send(TALLOC_CTX *memctx, } ret = build_attrs_from_map(state, opts->group_map, - SDAP_OPTS_GROUP, &state->attrs); + SDAP_OPTS_GROUP, &state->attrs, NULL); if (ret != EOK) { talloc_free(req); return NULL; @@ -844,7 +844,7 @@ static errno_t sdap_initgr_nested_deref_search(struct tevent_req *req) maps[1].map = NULL; ret = build_attrs_from_map(state, state->opts->group_map, - SDAP_OPTS_GROUP, &sdap_attrs); + SDAP_OPTS_GROUP, &sdap_attrs, NULL); if (ret != EOK) goto fail; timeout = dp_opt_get_int(state->opts->basic, SDAP_SEARCH_TIMEOUT); @@ -1496,7 +1496,7 @@ static struct tevent_req *sdap_initgr_rfc2307bis_send( } ret = build_attrs_from_map(state, opts->group_map, - SDAP_OPTS_GROUP, &state->attrs); + SDAP_OPTS_GROUP, &state->attrs, NULL); if (ret != EOK) goto done; ret = sss_filter_sanitize(state, orig_dn, &clean_orig_dn); @@ -2169,7 +2169,7 @@ static errno_t rfc2307bis_nested_groups_step(struct tevent_req *req) } ret = build_attrs_from_map(state, state->opts->group_map, - SDAP_OPTS_GROUP, &state->attrs); + SDAP_OPTS_GROUP, &state->attrs, NULL); if (ret != EOK) { goto done; } @@ -2505,7 +2505,7 @@ struct tevent_req *sdap_get_initgr_send(TALLOC_CTX *memctx, } ret = build_attrs_from_map(state, state->opts->user_map, - SDAP_OPTS_USER, &state->user_attrs); + SDAP_OPTS_USER, &state->user_attrs, NULL); if (ret) { talloc_zfree(req); return NULL; diff --git a/src/providers/ldap/sdap_async_services.c b/src/providers/ldap/sdap_async_services.c index c87d07c4..895ea7e7 100644 --- a/src/providers/ldap/sdap_async_services.c +++ b/src/providers/ldap/sdap_async_services.c @@ -572,7 +572,7 @@ enum_services_send(TALLOC_CTX *memctx, /* TODO: handle attrs_type */ ret = build_attrs_from_map(state, id_ctx->opts->service_map, - SDAP_OPTS_SERVICES, &state->attrs); + SDAP_OPTS_SERVICES, &state->attrs, NULL); if (ret != EOK) goto fail; subreq = sdap_get_services_send(state, state->ev, diff --git a/src/providers/ldap/sdap_sudo.c b/src/providers/ldap/sdap_sudo.c index 02d4f17b..23fd062c 100644 --- a/src/providers/ldap/sdap_sudo.c +++ b/src/providers/ldap/sdap_sudo.c @@ -456,7 +456,7 @@ struct tevent_req * sdap_sudo_load_sudoers_send(TALLOC_CTX *mem_ctx, /* create attrs from map */ ret = build_attrs_from_map(state, opts->sudorule_map, SDAP_OPTS_SUDO, - &state->attrs); + &state->attrs, NULL); if (ret != EOK) { goto fail; } |