summaryrefslogtreecommitdiff
path: root/server/db
diff options
context:
space:
mode:
Diffstat (limited to 'server/db')
-rw-r--r--server/db/sysdb_ops.c19
1 files changed, 19 insertions, 0 deletions
diff --git a/server/db/sysdb_ops.c b/server/db/sysdb_ops.c
index a75c3466..7daf1170 100644
--- a/server/db/sysdb_ops.c
+++ b/server/db/sysdb_ops.c
@@ -868,6 +868,19 @@ int sysdb_add_user(struct sysdb_req *sysreq,
return EINVAL;
}
+ if (domain->id_max != 0 && (uid < domain->id_min || uid > domain->id_max)) {
+ DEBUG(2, ("Supplied uid [%d] is not in the allowed range [%d-%d].\n",
+ uid, domain->id_min, domain->id_max));
+ return EINVAL;
+ }
+
+ if (domain->id_max != 0 && (gid < domain->id_min || gid > domain->id_max)) {
+ DEBUG(2, ("Supplied gid [%d] is not in the allowed range [%d-%d].\n",
+ gid, domain->id_min, domain->id_max));
+ return EINVAL;
+ }
+
+
user_ctx = talloc(sysreq, struct user_add_ctx);
if (!user_ctx) return ENOMEM;
@@ -1052,6 +1065,12 @@ int sysdb_add_group(struct sysdb_req *sysreq,
return EINVAL;
}
+ if (domain->id_max != 0 && (gid < domain->id_min || gid > domain->id_max)) {
+ DEBUG(2, ("Supplied gid [%d] is not in the allowed range [%d-%d].\n",
+ gid, domain->id_min, domain->id_max));
+ return EINVAL;
+ }
+
group_ctx = talloc(sysreq, struct group_add_ctx);
if (!group_ctx) return ENOMEM;
generated by cgit (git 2.34.1) at 2024-12-28 09:44:10 +0000