Re: [Freeipa-devel] [PATCH] 459 Avoid passing non-terminated string to is_master_host

Tue, 11 Mar 2014 09:02:39 -0700 

On Tuesday, March 11, 2014 04:55:52 PM Martin Kosek wrote:
> On 03/07/2014 10:21 AM, Alexander Bokovoy wrote:
> > On Fri, 07 Mar 2014, Martin Kosek wrote:
> >> When string is not terminated, queries with corrupted base may be sent
> >> to LDAP:
> >> 
> >> ... cn=ipa1.example.com<garbage>,cn=masters...
> >> 
> >> https://fedorahosted.org/freeipa/ticket/4214
> >> 
> >> -- 
> >> Martin Kosek <[email protected]>
> >> Supervisor, Software Engineering - Identity Management Team
> >> Red Hat Inc.
> >
> > 
> >
> >> From 74bb082c7c286e9911f1a376ed9ce25845857672 Mon Sep 17 00:00:00 2001
> >> From: Martin Kosek <[email protected]>
> >> Date: Fri, 7 Mar 2014 10:06:52 +0100
> >> Subject: [PATCH] Avoid passing non-terminated string to is_master_host
> >> 
> >> When string is not terminated, queries with corrupted base may be sent
> >> to LDAP:
> >> 
> >> ... cn=ipa1.example.com<garbage>,cn=masters...
> >> 
> >> https://fedorahosted.org/freeipa/ticket/4214
> >> ---
> >> daemons/ipa-kdb/ipa_kdb_mspac.c | 3 ++-
> >> 1 file changed, 2 insertions(+), 1 deletion(-)
> >> 
> >> diff --git a/daemons/ipa-kdb/ipa_kdb_mspac.c
> >> b/daemons/ipa-kdb/ipa_kdb_mspac.c index
> >> 9137cd5ad1e6166fd5d6e765fab2c8178ca0587c..c1b018cc80402c2c3488487aee1d970
> >> 9b902c5b4 100644
> >> --- a/daemons/ipa-kdb/ipa_kdb_mspac.c
> >> +++ b/daemons/ipa-kdb/ipa_kdb_mspac.c
> >> @@ -488,13 +488,14 @@ static krb5_error_code ipadb_fill_info3(struct
> >> ipadb_context *ipactx,
> >>
> >>         }
> >>
> >>         data = krb5_princ_component(ipactx->context, princ, 1);
> >>
> >> -        strres = malloc(data->length);
> >> +        strres = malloc(data->length+1);
> >>
> >>         if (strres == NULL) {
> >>             krb5_free_principal(ipactx->kcontext, princ);
> >>             return ENOENT;
> >>         }
> >>
> >>         memcpy(strres, data->data, data->length);
> >>
> >> +        strres[data->length] = '\0';
> >>
> >>         krb5_free_principal(ipactx->kcontext, princ);
> >>
> >>         /* Only add PAC to TGT to services on IPA masters to allow
> >>querying>>
> > Obvious ACK.
> >
> > 
> 
> Pushed to:
> master: 740298d1208e92c264ef5752ac3fe6adf1240790
> ipa-3-3: 0430d0eb2b605290e34b9392a902ef2114a2d743
> 
> Martin

Thank you guys.  -A

-- 
Anthony - http://messinet.com - http://messinet.com/~amessina/gallery
8F89 5E72 8DF0 BCF0 10BE 9967 92DC 35DC B001 4A4E

Attachment: signature.asc
Description: This is a digitally signed message part.

_______________________________________________
Freeipa-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to