Hello,

Harden update-policy processing.

https://fedorahosted.org/bind-dyndb-ldap/ticket/111

This patch should prevent crashes similar to the 'zonesub' problem described in ticket #111.

--
Petr^2 Spacek
From 05d73392dc6c0f9f6f7a9e570e4382ccb3c66022 Mon Sep 17 00:00:00 2001
From: Petr Spacek <pspa...@redhat.com>
Date: Mon, 25 Mar 2013 10:52:50 +0100
Subject: [PATCH] Harden update-policy processing.

https://fedorahosted.org/bind-dyndb-ldap/ticket/111

Signed-off-by: Petr Spacek <pspa...@redhat.com>
---
 src/acl.c | 41 ++++++++++++++++++++++++++++-------------
 1 file changed, 28 insertions(+), 13 deletions(-)

diff --git a/src/acl.c b/src/acl.c
index ed3bdebcc027f3f5b7b2e9e084cf328ed4f6b1dd..3b5de00f8a40cbc1a876ea2b74e9c2093e48774c 100644
--- a/src/acl.c
+++ b/src/acl.c
@@ -178,32 +178,48 @@ parse(cfg_parser_t *parser, const char *string, cfg_type_t **type,
 #define MATCH(string_rep, return_val)					\
 	do {								\
 		if (!strcasecmp(str, string_rep)) {			\
-			return return_val;				\
+			*value = return_val;				\
+			return ISC_R_SUCCESS;				\
 		}							\
 	} while (0)
 
-static isc_boolean_t
-get_mode(const cfg_obj_t *obj)
+static isc_result_t
+get_mode(const cfg_obj_t *obj, isc_boolean_t *value)
 {
 	const char *str;
 
+	if (!cfg_obj_istuple(obj)) {
+		log_bug("tuple is expected");
+		return ISC_R_UNEXPECTED;
+	}
 	obj = cfg_tuple_get(obj, "mode");
+	if (!cfg_obj_isstring(obj)) {
+		log_bug("mode is not defined");
+		return ISC_R_UNEXPECTED;
+	}
 	str = cfg_obj_asstring(obj);
 
 	MATCH("grant", ISC_TRUE);
 	MATCH("deny", ISC_FALSE);
 
-	INSIST(0);
-	/* Not reached. */
-	return ISC_FALSE;
+	log_bug("unsupported ACL mode '%s'", str);
+	return ISC_R_NOTIMPLEMENTED;
 }
 
-static unsigned int
-get_match_type(const cfg_obj_t *obj)
+static isc_result_t
+get_match_type(const cfg_obj_t *obj, unsigned int *value)
 {
 	const char *str;
 
+	if (!cfg_obj_istuple(obj)) {
+		log_bug("tuple is expected");
+		return ISC_R_UNEXPECTED;
+	}
 	obj = cfg_tuple_get(obj, "matchtype");
+	if (!cfg_obj_isstring(obj)) {
+		log_bug("matchtype is not defined");
+		return ISC_R_UNEXPECTED;
+	}
 	str = cfg_obj_asstring(obj);
 
 	MATCH("name", DNS_SSUMATCHTYPE_NAME);
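Review bot: MATCH now stores through `value` and returns from the enclosing function, so it silently depends on two caller locals (`str` and `value`) and hides an exit from that function. Its definition, on the first lines of this hunk, deserves a comment such as `/* Uses 'str' and 'value' from the enclosing function; on a match sets *value and returns ISC_R_SUCCESS from it. */`. get_mode() and get_match_type() should also document that `*value` is left untouched on every error return, so callers must not read it unless the result is ISC_R_SUCCESS. get_match_type() continues past the end of this hunk.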
@@ -232,9 +248,8 @@ get_match_type(const cfg_obj_t *obj)
 	MATCH("6to4-self", DNS_SSUMATCHTYPE_6TO4SELF);
 #endif
 
-	INSIST(0);
-	/* Not reached. */
-	return DNS_SSUMATCHTYPE_NAME;
+	log_bug("unsupported match type '%s'", str);
+	return ISC_R_NOTIMPLEMENTED;
 }
 
 static isc_result_t
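Review bot: The fall-through at the end of get_match_type() reports an unrecognised match type with log_bug(), but the ticket's 'zonesub' case suggests this path can be reached from a policy string the parser accepts. That would make it a configuration problem rather than an internal error. Reporting it as such, e.g. `log_error("unsupported match type '%s' in update policy", str);`, would point the operator at the policy to fix instead of at the plugin. Whether the same applies to the mode message in get_mode() depends on whether the grammar can yield anything other than grant/deny, which is not visible here. The start of get_match_type() lies outside this hunk.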
@@ -422,8 +437,8 @@ acl_configure_zone_ssutable(const char *policy_str, dns_zone_t *zone)
 		types = NULL;
 
 		stmt = cfg_listelt_value(el);
-		grant = get_mode(stmt);
-		match_type = get_match_type(stmt);
+		CHECK(get_mode(stmt, &grant));
+		CHECK(get_match_type(stmt, &match_type));
 
 		CHECK(get_fixed_name(stmt, "identity", &fident));
 
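Review bot: With the two new CHECK() calls a malformed statement becomes an error return instead of an abort, so the policy the zone is left with after that return is now security-relevant, and it cannot be seen in this hunk. The error path should leave the zone with no update-policy table installed from this string, and never with a table built only from the statements parsed before the bad one. If the cleanup code already guarantees that, record it with a comment near the CHECK() calls, e.g. `/* On failure no partially built ssutable is installed for the zone. */`. The enclosing loop and acl_configure_zone_ssutable() start and end outside this hunk.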
-- 
1.7.11.7
