RESPONDER: Ensure that all input strings are valid UTF-8

author: Stephen Gallagher <sgallagh@redhat.com> 2011-11-14 11:31:37 -0500
committer: Stephen Gallagher <sgallagh@redhat.com> 2011-11-18 12:18:33 -0500
commit: 872f2d32d979a1dd2145667487f170fec8b5189a (patch)
tree: 44a6f75159cb3c9b3f5da4048d1d4bd343de89a1 /src/responder/pam
parent: 37a76cff2478d8be3d11ccb7ff42d9d863f1839e (diff)
download: sssd-872f2d32d979a1dd2145667487f170fec8b5189a.tar.gz
sssd-872f2d32d979a1dd2145667487f170fec8b5189a.tar.bz2
sssd-872f2d32d979a1dd2145667487f170fec8b5189a.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c
index 1d2a2a58..18ba3fdf 100644
--- a/src/responder/pam/pamsrv_cmd.c
+++ b/src/responder/pam/pamsrv_cmd.c
@@ -70,6 +70,11 @@ static int extract_string(char **var, size_t size, uint8_t *body, size_t blen,
 
     if (str[size-1]!='\0') return EINVAL;
 
+    /* If the string isn't valid UTF-8, fail */
+    if (!sss_utf8_check(str, size)) {
+        return EINVAL;
+    }
+
     *c += size;
 
     *var = (char *) str;
author	Stephen Gallagher <sgallagh@redhat.com>	2011-11-14 11:31:37 -0500
committer	Stephen Gallagher <sgallagh@redhat.com>	2011-11-18 12:18:33 -0500
commit	872f2d32d979a1dd2145667487f170fec8b5189a (patch)
tree	44a6f75159cb3c9b3f5da4048d1d4bd343de89a1 /src/responder/pam
parent	37a76cff2478d8be3d11ccb7ff42d9d863f1839e (diff)
download	sssd-872f2d32d979a1dd2145667487f170fec8b5189a.tar.gz sssd-872f2d32d979a1dd2145667487f170fec8b5189a.tar.bz2 sssd-872f2d32d979a1dd2145667487f170fec8b5189a.zip