authorStephen Gallagher <sgallagh@redhat.com>2010-11-01 14:47:09 -0400
committerStephen Gallagher <sgallagh@redhat.com>2010-11-15 09:52:35 -0500
commitadc4351a04cef89ced2dbb240180e5d00fd8dd3c (patch)
tree25729db0bcf5991226b996837bba95f3c8602893
parentf2838dcdc3587b685655781a576aff27a1719412 (diff)
Sanitize search filters in memberOf plugin
-rw-r--r--Makefile.am4
-rw-r--r--src/ldb_modules/memberof.c22
2 files changed, 23 insertions, 3 deletions
diff --git a/Makefile.am b/Makefile.am
index c9fd0a16..102149a8 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -933,7 +933,9 @@ proxy_child_LDADD = \
$(SSSD_LIBS)
memberof_la_SOURCES = \
- src/ldb_modules/memberof.c
+ $(SSSD_DEBUG_OBJ) \
+ src/ldb_modules/memberof.c \
+ src/util/util.c
memberof_la_CFLAGS = \
$(AM_CFLAGS)
memberof_la_LIBADD = $(LDB_LIBS) $(DHASH_LIBS)
diff --git a/src/ldb_modules/memberof.c b/src/ldb_modules/memberof.c
index 1e28593d..372aa544 100644
--- a/src/ldb_modules/memberof.c
+++ b/src/ldb_modules/memberof.c
@@ -1167,9 +1167,11 @@ static int memberof_del(struct ldb_module *module, struct ldb_request *req)
struct ldb_request *search;
char *expression;
const char *dn;
+ char *clean_dn;
struct mbof_del_ctx *del_ctx;
struct mbof_ctx *ctx;
int ret;
+ errno_t sret;
if (ldb_dn_is_special(req->op.del.dn)) {
/* do not manipulate our control entries */
@@ -1206,13 +1208,21 @@ static int memberof_del(struct ldb_module *module, struct ldb_request *req)
talloc_free(ctx);
return LDB_ERR_OPERATIONS_ERROR;
}
+
+ sret = sss_filter_sanitize(del_ctx, dn, &clean_dn);
+ if (sret != 0) {
+ talloc_free(ctx);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
expression = talloc_asprintf(del_ctx,
"(|(distinguishedName=%s)(%s=%s))",
- dn, DB_MEMBER, dn);
+ clean_dn, DB_MEMBER, clean_dn);
if (!expression) {
talloc_free(ctx);
return LDB_ERR_OPERATIONS_ERROR;
}
+ talloc_zfree(clean_dn);
ret = ldb_build_search_req(&search, ldb, del_ctx,
NULL, LDB_SCOPE_SUBTREE,
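Review bot: In memberof_del, `talloc_zfree(clean_dn);` runs only after the `if (!expression)` check, so the allocation-failure path returns without releasing the sanitized copy explicitly. Here that path calls `talloc_free(ctx)`, which covers it only if del_ctx is a talloc child of ctx, and that relationship is not visible in this hunk. The later hunk in mbof_del_execute_op has the same ordering with no free at all on the early return, so clean_dn stays attached to del_ctx until that context is torn down. Moving `talloc_zfree(clean_dn);` to directly after the `talloc_asprintf()` call, before the NULL check, releases it on both paths in both functions. The function body starts and ends outside this hunk.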
@@ -1586,6 +1596,7 @@ static int mbof_del_execute_op(struct mbof_del_operation *delop)
struct ldb_request *search;
char *expression;
const char *dn;
+ char *clean_dn;
static const char *attrs[] = { DB_OC, DB_NAME,
DB_MEMBER, DB_MEMBEROF, NULL };
int ret;
@@ -1599,12 +1610,19 @@ static int mbof_del_execute_op(struct mbof_del_operation *delop)
if (!dn) {
return LDB_ERR_OPERATIONS_ERROR;
}
+
+ ret = sss_filter_sanitize(del_ctx, dn, &clean_dn);
+ if (ret != 0) {
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
expression = talloc_asprintf(del_ctx,
"(|(distinguishedName=%s)(%s=%s))",
- dn, DB_MEMBER, dn);
+ clean_dn, DB_MEMBER, clean_dn);
if (!expression) {
return LDB_ERR_OPERATIONS_ERROR;
}
+ talloc_zfree(clean_dn);
ret = ldb_build_search_req(&search, ldb, delop,
NULL, LDB_SCOPE_SUBTREE,
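Review bot: In mbof_del_execute_op the result of `sss_filter_sanitize()` is stored in `ret`, the same int that holds LDB status codes from `ldb_build_search_req()` a few lines later, whereas memberof_del in this commit keeps the two apart with a dedicated `errno_t sret`. For consistency, declare `errno_t sret;` next to `char *clean_dn;` and use `sret = sss_filter_sanitize(del_ctx, dn, &clean_dn);` here too. A short comment above the call would also help the next reader see why the copy exists, for example `/* dn is interpolated into an LDAP filter below; escape filter metacharacters first */`. The function starts before and continues past this hunk, so any other filters built from DNs in this file are not visible here and should be checked for the same treatment.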