Commit - SSSD/sssd - 31fdda9759a8a03081b5ab6307a5e8ce4cbe50d2

SSSD / sssd

`31fdda9` SYSDB: Sanitize dn in sysdb_get_user_members_recursively

Authored and Committed by lslebodn 7 years ago

raw patch tree parent

1 file changed. 11 lines added. 1 lines removed.

    SYSDB: Sanitize dn in sysdb_get_user_members_recursively
    
    There was a crash in nss responder when a group contained
    a user with special charactes which shoudl be sanitized before
    using in filter.
    
    ==31651== Conditional jump or move depends on uninitialised value(s)
    ==31651==    at 0x8BEA7DE: _talloc_steal_loc (talloc.c:1215)
    ==31651==    by 0x5264889: sysdb_get_user_members_recursively (sysdb_ops.c:4759)
    ==31651==    by 0x5278F61: sysdb_add_group_member_overrides (sysdb_views.c:1375)
    ==31651==    by 0x526677C: sysdb_getgrnam_with_views (sysdb_search.c:799)
    ==31651==    by 0x1172F6: nss_cmd_getgrnam_search (nsssrv_cmd.c:3168)
    ==31651==    by 0x119C67: nss_cmd_getby_dp_callback (nsssrv_cmd.c:1382)
    ==31651==    by 0x10FD14: nsssrv_dp_send_acct_req_done (nsssrv_cmd.c:916)
    ==31651==    by 0x12898B: sss_dp_internal_get_done (responder_dp.c:791)
    ==31651==    by 0x58FF861: complete_pending_call_and_unlock (dbus-connection.c:2314)
    ==31651==    by 0x5902B50: dbus_connection_dispatch (dbus-connection.c:4580)
    ==31651==    by 0x527F261: sbus_dispatch (sssd_dbus_connection.c:96)
    ==31651==    by 0x89D8B4E: tevent_common_loop_timer_delay (tevent_timed.c:341)
    
    Resolves:
    https://fedorahosted.org/sssd/ticket/3121
    
    Reviewed-by: Pavel Březina <pbrezina@redhat.com>

src/db/sysdb_ops.c

file modified

+11 -1

SSSD / sssd

Source Code

Documentation

31fdda9 SYSDB: Sanitize dn in sysdb_get_user_members_recursively

Authored and Committed by lslebodn 7 years ago

`31fdda9` SYSDB: Sanitize dn in sysdb_get_user_members_recursively