7cd86ef sysdb: try dealing with binary-content attributes

4 files Authored by Jan Engelhardt 5 years ago , Committed by jhrozek 5 years ago ,
    sysdb: try dealing with binary-content attributes
    
    https://fedorahosted.org/sssd/ticket/1818
    
    I have here a LDAP user entry which has this attribute
    
    	loginAllowedTimeMap::
    	 AAAAAAAAAP///38AAP///38AAP///38AAP///38AAP///38AAAAAAAAA
    
    In the function sysdb_attrs_add_string(), called from
    sdap_attrs_add_ldap_attr(), strlen() is called on this blob, which is
    the wrong thing to do. The result of strlen is then used to populate
    the .v_length member of a struct ldb_val - and this will set it to
    zero in this case. (There is also the problem that there may not be
    a '\0' at all in the blob.)
    
    Subsequently, .v_length being 0 makes ldb_modify(), called from
    sysdb_set_entry_attr(), return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX. End
    result is that users do not get stored in the sysdb, and programs like
    `id` or `getent ...` show incomplete information.
    
    The bug was encountered with sssd-1.8.5. sssd-1.5.11 seemed to behave
    fine, but that may not mean that is the absolute lower boundary of
    introduction of the problem.
    
        
file modified
+10 -0
file modified
+2 -0
file modified
+3 -5