This is an automated email from the ASF dual-hosted git repository. szaszm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/nifi-minifi-cpp.git
commit a8b0e0c590b609c7111e8d5a4ce4b13c648fc4d9 Author: Adam Debreceni <[email protected]> AuthorDate: Tue Dec 13 16:11:17 2022 +0100 MINIFICPP-2012 fix CWEL leak on empty domain lookup A bug in OsUtils::userIdToUsername caused leaking 1 byte whenever an SID lookup resulted in an empty domain name. This fixes the leak. Closes #1471 Signed-off-by: Marton Szasz <[email protected]> Co-authored-by: Martin Zink <[email protected]> --- libminifi/src/utils/OsUtils.cpp | 1 - libminifi/test/unit/OsUtilTests.cpp | 44 +++++++++++++++++++++++++++++++++++++ 2 files changed, 44 insertions(+), 1 deletion(-) diff --git a/libminifi/src/utils/OsUtils.cpp b/libminifi/src/utils/OsUtils.cpp index fd6789bc1..219cfe2b9 100644 --- a/libminifi/src/utils/OsUtils.cpp +++ b/libminifi/src/utils/OsUtils.cpp @@ -147,7 +147,6 @@ std::string OsUtils::userIdToUsername(const std::string &uid) { } } GlobalFree(windowsAccount); - if (dwwindowsDomainSize > 0) GlobalFree(windowsDomain); } } diff --git a/libminifi/test/unit/OsUtilTests.cpp b/libminifi/test/unit/OsUtilTests.cpp new file mode 100644 index 000000000..db38fde09 --- /dev/null +++ b/libminifi/test/unit/OsUtilTests.cpp @@ -0,0 +1,44 @@ +/** + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +#include "utils/OsUtils.h" +#include "../TestBase.h" +#include "../Catch.h" + +namespace org::apache::nifi::minifi::test { + +#ifdef WIN32 +TEST_CASE("Test userIdToUsername for well-known SIDs", "[OsUtils]") { + // this test also verifies the fix for a memory leak found in userIdToUsername + // if ran through drmemory, due to localization dependence we only check for non-emptiness + // and these tests should be revised in MINIFICPP-2013 + CHECK_FALSE(minifi::utils::OsUtils::userIdToUsername("S-1-0-0").empty()); + CHECK_FALSE(minifi::utils::OsUtils::userIdToUsername("S-1-1-0").empty()); + CHECK_FALSE(minifi::utils::OsUtils::userIdToUsername("S-1-2-0").empty()); + CHECK_FALSE(minifi::utils::OsUtils::userIdToUsername("S-1-2-1").empty()); + CHECK_FALSE(minifi::utils::OsUtils::userIdToUsername("S-1-3-0").empty()); + CHECK_FALSE(minifi::utils::OsUtils::userIdToUsername("S-1-3-1").empty()); + CHECK_FALSE(minifi::utils::OsUtils::userIdToUsername("S-1-3-2").empty()); + CHECK_FALSE(minifi::utils::OsUtils::userIdToUsername("S-1-3-3").empty()); + CHECK_FALSE(minifi::utils::OsUtils::userIdToUsername("S-1-3-4").empty()); + CHECK_FALSE(minifi::utils::OsUtils::userIdToUsername("S-1-5-80-0").empty()); +} +#endif + +} // namespace org::apache::nifi::minifi::test
