Hello,

        Fix crash caused by invalid query/transfer policy.

Please double-check correctness. The ISC parser is a really complex beast!

Thank you.

--
Petr^2 Spacek
From 41061726684211924e453f74d1db3bec6c2e32d6 Mon Sep 17 00:00:00 2001
From: Petr Spacek <pspa...@redhat.com>
Date: Mon, 4 Mar 2013 14:20:56 +0100
Subject: [PATCH] Fix crash caused by invalid query/transfer policy.

Signed-off-by: Petr Spacek <pspa...@redhat.com>
---
 src/acl.c | 45 +++++++++++++++++++++++++++++++++++----------
 1 file changed, 35 insertions(+), 10 deletions(-)

diff --git a/src/acl.c b/src/acl.c
index f95cf431b6363d82085e9cfec7e6c1d6ddd45d7a..076a50375ae1fd132c143aa96379f7c80cc78cb8 100644
--- a/src/acl.c
+++ b/src/acl.c
@@ -71,6 +71,19 @@ static cfg_type_t *allow_query;
 static cfg_type_t *allow_transfer;
 static cfg_type_t *forwarders;
 
+/* Following definitions are necessary for context ("map" configuration object)
+ * required during ACL parsing. */
+static cfg_clausedef_t * empty_map_clausesets[] = {
+	NULL
+};
+
+static cfg_type_t cfg_type_empty_map = {
+	"empty_map", cfg_parse_map, cfg_print_map, cfg_doc_map, &cfg_rep_map,
+	empty_map_clausesets
+};
+
+static cfg_type_t *empty_map_p = &cfg_type_empty_map;
+
 static cfg_type_t *
 get_type_from_tuplefield(const cfg_type_t *cfg_type, const char *name)
 {
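Review bot: The new file-local objects `cfg_type_empty_map` and `empty_map_clausesets` are named in the `cfg_` namespace that belongs to libisccfg, next to library symbols such as `cfg_parse_map` and `cfg_rep_map`. If a later library header declares a type with the same name, this `static` definition would stop compiling. A project-local name such as `static cfg_type_t empty_map_type = {` would avoid that. The comment above the definitions could also say that the single `NULL` entry terminates the clause-set list, so the map accepts no clauses at all.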
@@ -469,44 +482,56 @@ acl_from_ldap(isc_mem_t *mctx, const char *aclstr, acl_type_t type,
 	cfg_parser_t *parser = NULL;
 	cfg_obj_t *aclobj = NULL;
 	cfg_aclconfctx_t *aclctx = NULL;
+	/* ACL parser requires "configuration context". The parser looks for
+	 * undefined names in this context. We create empty context ("map" type),
+	 * i.e. only built-in named lists "any", "none" etc. are supported. */
+	cfg_obj_t *cctx = NULL;
+	cfg_parser_t *parser_empty = NULL;
 
 	REQUIRE(aclp != NULL && *aclp == NULL);
 
 	CHECK(bracket_str(mctx, aclstr, &new_aclstr));
 
 	CHECK(cfg_parser_create(mctx, dns_lctx, &parser));
+	CHECK(cfg_parser_create(mctx, dns_lctx, &parser_empty));
+	CHECK(parse(parser_empty, "{}", &empty_map_p, &cctx));
+
 	switch (type) {
 	case acl_type_query:
-		result = parse(parser, str_buf(new_aclstr), &allow_query,
-			       &aclobj);
+		CHECK(parse(parser, str_buf(new_aclstr), &allow_query,
+			    &aclobj));
 		break;
 	case acl_type_transfer:
-		result = parse(parser, str_buf(new_aclstr), &allow_transfer,
-			       &aclobj);
+		CHECK(parse(parser, str_buf(new_aclstr), &allow_transfer,
+			    &aclobj));
 		break;
 	default:
 		/* This is a bug */
 		REQUIRE("Unhandled ACL type in acl_from_ldap" == NULL);
 	}
 
-	if (result != ISC_R_SUCCESS) {
-		log_error("Failed to parse ACL (%s)", aclstr);
-		goto cleanup;
-	}
-
 	CHECK(cfg_aclconfctx_create(mctx, &aclctx));
-	CHECK(cfg_acl_fromconfig(aclobj, NULL, dns_lctx, aclctx, mctx, 0, &acl));
+	CHECK(cfg_acl_fromconfig(aclobj, cctx, dns_lctx, aclctx, mctx, 0, &acl));
 
 	*aclp = acl;
 	result = ISC_R_SUCCESS;
 
 cleanup:
+	if (result != ISC_R_SUCCESS)
+		log_error_r("%s ACL parsing failed: '%s'",
+			    type == acl_type_query ? "query" : "transfer",
+			    aclstr);
+
 	if (aclctx != NULL)
 		cfg_aclconfctx_detach(&aclctx);
 	if (aclobj != NULL)
 		cfg_obj_destroy(parser, &aclobj);
 	if (parser != NULL)
 		cfg_parser_destroy(&parser);
+	if (cctx != NULL)
+		cfg_obj_destroy(parser_empty, &cctx);
+	if (parser_empty != NULL)
+		cfg_parser_destroy(&parser_empty);
 	str_destroy(&new_aclstr);
 
 	return result;
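Review bot: On every failure path through `cleanup:` the output `*aclp` is left NULL and only the result code reports it, and the hunk does not show what the caller enforces in that case. For an access-control list, a policy string that fails to parse should end in a deny, not in a fallback to a permissive default. That should be confirmed in the caller and stated on the function, e.g. `/* On failure *aclp stays NULL; callers must treat that as deny, never as "no restriction". */`. The new message also prints "ACL parsing failed" when `bracket_str()` or `cfg_parser_create()` fails, which is not a parse error; presumably `log_error_r` appends the result text, but wording like `"%s ACL setup failed: '%s'"` would be more accurate. The body of acl_from_ldap starts and ends outside the hunk.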
-- 
1.7.11.7
