summaryrefslogtreecommitdiff
path: root/src/sss_client/nss_group.c
diff options
context:
space:
mode:
authorStephen Gallagher <sgallagh@redhat.com>2012-01-06 13:56:34 -0500
committerStephen Gallagher <sgallagh@redhat.com>2012-01-14 11:53:29 -0500
commit22c7230dc0c8d41a189eb758be78991d183de1f7 (patch)
tree9b5bb11dcf31e98d104071dbb0b5042708ca1040 /src/sss_client/nss_group.c
parent394f8a24f5794bced737cfb743fe038fb4d0f4a6 (diff)
downloadsssd-22c7230dc0c8d41a189eb758be78991d183de1f7.tar.gz
sssd-22c7230dc0c8d41a189eb758be78991d183de1f7.tar.bz2
sssd-22c7230dc0c8d41a189eb758be78991d183de1f7.zip
NSS: Validate input string lengths
Also fixes a return value bug where we were returning errno error codes instead of nss_status codes. Fixes https://fedorahosted.org/sssd/ticket/1135
Diffstat (limited to 'src/sss_client/nss_group.c')
-rw-r--r--src/sss_client/nss_group.c15
1 files changed, 12 insertions, 3 deletions
diff --git a/src/sss_client/nss_group.c b/src/sss_client/nss_group.c
index 9e308c92..f5e715c8 100644
--- a/src/sss_client/nss_group.c
+++ b/src/sss_client/nss_group.c
@@ -254,14 +254,23 @@ enum nss_status _nss_sss_getgrnam_r(const char *name, struct group *result,
struct sss_cli_req_data rd;
struct sss_nss_gr_rep grrep;
uint8_t *repbuf;
- size_t replen, len;
+ size_t replen, len, name_len;
enum nss_status nret;
int ret;
/* Caught once glibc passing in buffer == 0x0 */
- if (!buffer || !buflen) return ERANGE;
+ if (!buffer || !buflen) {
+ *errnop = ERANGE;
+ return NSS_STATUS_TRYAGAIN;
+ }
+
+ ret = sss_strnlen(name, SSS_NAME_MAX, &name_len);
+ if (ret != 0) {
+ *errnop = EINVAL;
+ return NSS_STATUS_NOTFOUND;
+ }
- rd.len = strlen(name) + 1;
+ rd.len = name_len + 1;
rd.data = name;
sss_nss_lock();