diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2012-01-06 13:56:34 -0500 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2012-01-14 11:53:29 -0500 |
commit | 22c7230dc0c8d41a189eb758be78991d183de1f7 (patch) | |
tree | 9b5bb11dcf31e98d104071dbb0b5042708ca1040 /src/sss_client/nss_group.c | |
parent | 394f8a24f5794bced737cfb743fe038fb4d0f4a6 (diff) | |
download | sssd-22c7230dc0c8d41a189eb758be78991d183de1f7.tar.gz sssd-22c7230dc0c8d41a189eb758be78991d183de1f7.tar.bz2 sssd-22c7230dc0c8d41a189eb758be78991d183de1f7.zip |
NSS: Validate input string lengths
Also fixes a return value bug where we were returning errno error
codes instead of nss_status codes.
Fixes https://fedorahosted.org/sssd/ticket/1135
Diffstat (limited to 'src/sss_client/nss_group.c')
-rw-r--r-- | src/sss_client/nss_group.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/src/sss_client/nss_group.c b/src/sss_client/nss_group.c index 9e308c92..f5e715c8 100644 --- a/src/sss_client/nss_group.c +++ b/src/sss_client/nss_group.c @@ -254,14 +254,23 @@ enum nss_status _nss_sss_getgrnam_r(const char *name, struct group *result, struct sss_cli_req_data rd; struct sss_nss_gr_rep grrep; uint8_t *repbuf; - size_t replen, len; + size_t replen, len, name_len; enum nss_status nret; int ret; /* Caught once glibc passing in buffer == 0x0 */ - if (!buffer || !buflen) return ERANGE; + if (!buffer || !buflen) { + *errnop = ERANGE; + return NSS_STATUS_TRYAGAIN; + } + + ret = sss_strnlen(name, SSS_NAME_MAX, &name_len); + if (ret != 0) { + *errnop = EINVAL; + return NSS_STATUS_NOTFOUND; + } - rd.len = strlen(name) + 1; + rd.len = name_len + 1; rd.data = name; sss_nss_lock(); |