Bug Tracker item #2933017, was opened at 2010-01-15 18:11
Message generated for change (Comment added) made by hmonteiro
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=1126467&aid=2933017&group_id=250683
Category: daemon
Group: v3.9.0
>Status: Closed
Resolution: None
Priority: 7
Private: No
Submitted By: Enrico Scholz (ensc)
Assigned to: Hugo Monteiro (hmonteiro)
Summary: Missing input validation in ExtLookupQuery

Initial Comment:
$ dspamc --classify --user 'foobar)(uid=foo)' -- < /tmp/sp

causes dspam daemon to crash with

| dspam: ../../../libraries/libldap/error.c:273: ldap_parse_result: Assertion `r != ((void *)0)' failed.

Configuration is

| ExtLookupDriver ldap
| ExtLookupQuery "(&(objectClass=inetLocalMailRecipient)(|(mail=%u)(mailLocalAddress=%u)(uid=%u)))"

----------------------------------------------------------------------

>Comment By: Hugo Monteiro (hmonteiro)
Date: 2010-01-16 21:45

Message:
Enrico,

The username insertion in the query is now escaped as defined by RFC2254.

As always, feedback on the fixes is always welcome.

Best Regards,

Hugo Monteiro.

----------------------------------------------------------------------

Comment By: Enrico Scholz (ensc)
Date: 2010-01-16 10:00

Message:
It should suffice to escape %u properly. See RFC 2254, "4. String Search Filter Definition". E.g. %u above would translate to

  foobar\)\(uid=foo\)

Implementation should support ExtLookupDriver specific methods; e.g. for 'program', no translation is needed because execve() is used.

----------------------------------------------------------------------

Comment By: Hugo Monteiro (hmonteiro)
Date: 2010-01-15 19:11

Message:
Thank you for submitting the report. I will try to fix it as soon as I can.

Best regards,

Hugo Monteiro.
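The fix Enrico describes above is LDAP filter escaping of the value substituted for %u. The following is an added example of that technique and is not DSPAM's own code. It implements the encoding RFC 2254 section 4 specifies for the special characters `*`, `(`, `)`, `\` and NUL (a backslash followed by the byte's two hex digits), and substitutes the escaped value into the ExtLookupQuery template from the report. The function names `ldap_filter_escape` and `build_ldap_query`, the buffer sizes, and the `escape` flag (which lets the example show the unescaped query beside the safe one) are this example's own choices; the template and the user name are the ones quoted in the initial comment.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Escape a value for use inside an LDAP search filter per RFC 2254 section 4
 * (superseded by RFC 4515 with the same rules): each of '*', '(', ')', '\'
 * and NUL becomes '\' followed by the two hex digits of the byte.
 * Returns the number of bytes written (excluding the terminating NUL),
 * or -1 if `out` is too small.  Hypothetical helper, not DSPAM's API. */
static long ldap_filter_escape(const char *in, size_t inlen, char *out, size_t outlen)
{
    static const char hex[] = "0123456789abcdef";
    size_t o = 0;
    for (size_t i = 0; i < inlen; i++) {
        unsigned char c = (unsigned char)in[i];
        if (c == '*' || c == '(' || c == ')' || c == '\\' || c == '\0') {
            if (o + 3 >= outlen) return -1;   /* room for 3 bytes + NUL */
            out[o++] = '\\';
            out[o++] = hex[c >> 4];
            out[o++] = hex[c & 0x0f];
        } else {
            if (o + 1 >= outlen) return -1;
            out[o++] = (char)c;
        }
    }
    out[o] = '\0';
    return (long)o;
}

/* Expand every "%u" in `tmpl` with `user`.  With escape != 0 the user name is
 * passed through ldap_filter_escape first; with escape == 0 it is pasted in
 * verbatim, which is the behaviour the bug report exercised.
 * Returns 0 on success, -1 if `out` is too small.  Hypothetical helper. */
static int build_ldap_query(const char *tmpl, const char *user, int escape,
                            char *out, size_t outlen)
{
    char esc[512];
    const char *val = user;

    if (escape) {
        if (ldap_filter_escape(user, strlen(user), esc, sizeof esc) < 0) return -1;
        val = esc;
    }
    size_t vallen = strlen(val);
    size_t o = 0;
    for (const char *p = tmpl; *p; p++) {
        if (p[0] == '%' && p[1] == 'u') {
            if (o + vallen >= outlen) return -1;
            memcpy(out + o, val, vallen);
            o += vallen;
            p++;                                /* skip the 'u' */
        } else {
            if (o + 1 >= outlen) return -1;
            out[o++] = *p;
        }
    }
    out[o] = '\0';
    return 0;
}

int main(void)
{
    /* Template and user name taken from the bug report above. */
    const char *tmpl = "(&(objectClass=inetLocalMailRecipient)"
                       "(|(mail=%u)(mailLocalAddress=%u)(uid=%u)))";
    const char *user = "foobar)(uid=foo)";
    char q[1024];

    if (build_ldap_query(tmpl, user, 0, q, sizeof q) == 0)
        printf("unescaped: %s\n", q);   /* parentheses from the name end up as filter syntax */
    if (build_ldap_query(tmpl, user, 1, q, sizeof q) == 0)
        printf("escaped:   %s\n", q);   /* name stays a literal value inside each assertion */
    return 0;
}
```

Run as-is, the program prints both forms of the query. In the escaped form `foobar)(uid=foo)` becomes `foobar\29\28uid=foo\29`, so the parentheses can no longer close or open filter components, and the value reaches the directory server as an ordinary string comparison. Enrico's comment writes the same escape as `\)` and `\(`; RFC 2254 itself specifies the two-hex-digit form, which is what the example emits.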
----------------------------------------------------------------------

_______________________________________________
Dspam-devel mailing list
Dspam-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspam-devel