On (29/11/13 11:52), Jakub Hrozek wrote: >On Thu, Nov 28, 2013 at 10:20:44AM +0100, Jakub Hrozek wrote: >> On Tue, Nov 26, 2013 at 02:54:42PM +0100, Lukas Slebodnik wrote: >> > On (25/11/13 17:32), Lukas Slebodnik wrote: >> > >ehlo, >> > > >> > >attached patches should fix https://fedorahosted.org/sssd/ticket/2163 >> > > >> > >LS >> > >> > > sysdb_suite = create_sysdb_suite(); >> > > sr = srunner_create(sysdb_suite); >> > >+ srunner_set_fork_status(sr, CK_NOFORK); >> > ^^^^^^^^^ >> > I didn't want to squash this change into the patch. >> > Updated patches are attached. >> > >> > LS >> >> The patches look good and work well. >> >> ACK > >Pushed to master. > >I'd like to push them to sssd-1-11 as well, can you resend a version >that compiles on sssd-1-11? Unfortunately the sysdb API has diverged >already.
Actually, the problem was only in the tests :-) Patches for the 1-11 branch are attached. LS
>From 0568909601e8ee0af1a557fd9696200f9ad69907 Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik <lsleb...@redhat.com>
Date: Mon, 25 Nov 2013 13:43:30 +0100
Subject: [PATCH 1/2] SYSDB: Sanitize filter before sysdb_search_groups

sysdb_delete_user fails with EIO if user does not exist and contains backslashes. ldb could not parse filter (&(objectclass=group)(ghost=usr\\\\001)), because ghost value was not sanitized

Resolves: https://fedorahosted.org/sssd/ticket/2163
---
 src/db/sysdb_ops.c | 9 ++++++++-
 src/tests/sysdb-tests.c | 5 +++++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index 094c27b7f478e0a53a3b6666c727e86eb36a249e..eb88cd256d0c2e45e1528e8a867e42354215cc7f 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -2539,6 +2539,7 @@ int sysdb_delete_user(struct sysdb_ctx *sysdb,
 struct ldb_message *msg;
 int ret;
 int i;
+ char *sanitized_name;
 tmp_ctx = talloc_new(NULL);
 if (!tmp_ctx) {
@@ -2578,7 +2579,13 @@ int sysdb_delete_user(struct sysdb_ctx *sysdb,
 }
 } else if (ret == ENOENT && name != NULL) {
 /* Perhaps a ghost user? */
- filter = talloc_asprintf(tmp_ctx, "(%s=%s)", SYSDB_GHOST, name);
+ ret = sss_filter_sanitize(tmp_ctx, name, &sanitized_name);
+ if (ret != EOK) {
+ goto fail;
+ }
+
+ filter = talloc_asprintf(tmp_ctx, "(%s=%s)",
+ SYSDB_GHOST, sanitized_name);
 if (filter == NULL) {
 ret = ENOMEM;
 goto fail;
diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c
index 1c28526e06df012b8749e1540e70a27948c17ab2..bf964fd76d33bbceac6c1846db7a5011db1375f5 100644
--- a/src/tests/sysdb-tests.c
+++ b/src/tests/sysdb-tests.c
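Review bot: The new sss_filter_sanitize call in sysdb_delete_user's ghost-user branch is undocumented: nothing says why `name` has to be escaped before it is interpolated into `(%s=%s)`. A one-line comment would carry that, e.g. `/* name goes into an ldb filter; escape filter metacharacters (such as the backslash from ticket 2163) so ldb can parse it and the name cannot change what the filter matches */`. Beyond the parse failure the ticket reports, the old unescaped interpolation let a name containing filter syntax alter which entries the ghost lookup matched, so this is also a hardening change and the comment should say so. The same comment applies to the matching sss_filter_sanitize call in sysdb_remove_ghostattr_from_groups in PATCH 2/2. The `fail:` label the new `goto fail` jumps to is outside the hunk, so I cannot confirm it frees tmp_ctx, which also owns sanitized_name.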
@@ -3998,6 +3998,11 @@ START_TEST(test_odd_characters)
 fail_unless(ret == EOK, "sysdb_delete_user error [%d][%s]",
 ret, strerror(ret));
+ /* Delete non existing User */
+ ret = sysdb_delete_user(test_ctx->sysdb, test_ctx->domain,
+ odd_username, 10000);
+ fail_unless(ret == ENOENT, "sysdb_delete_user error [%d][%s]",
+ ret, strerror(ret));
 /* Delete Group */
 ret = sysdb_delete_group(test_ctx->sysdb, test_ctx->domain,
-- 
1.8.4.2
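Review bot: Both fail_unless messages in test_odd_characters read `"sysdb_delete_user error [%d][%s]"`, so a failure of the new ENOENT check cannot be told apart from the EOK check just above it in the test log. Give the new assertion its own message, e.g. `fail_unless(ret == ENOENT, "sysdb_delete_user on a missing user should return ENOENT, got [%d][%s]", ret, strerror(ret));`. The `/* Delete non existing User */` comment could also say what is being regression-tested, e.g. `/* Delete non existing user: the odd name must be sanitized in the ghost lookup (ticket 2163) */`. The test body continues on both sides of this hunk, and the hunk's trailing context appears to be cut short in this copy of the patch.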
>From 95d78284b1d379979ab615206a7071546ca79746 Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik <lsleb...@redhat.com>
Date: Mon, 25 Nov 2013 16:01:59 +0100
Subject: [PATCH 2/2] SYSDB: Sanitize filter before removing ghost attrs

sysdb_add_user fails with EIO if enumeration is disabled and user contains backslashes. We try to remove ghost attributes from groups with disabled enumeration, but unsanitized filter is used to find ghost attributes "(|(ghost=usr\\\\002)" and ldb cannot parse this filter.

Resolves: https://fedorahosted.org/sssd/ticket/2163
---
 src/db/sysdb_ops.c | 9 ++++++++-
 src/tests/sysdb-tests.c | 19 +++++++++++++++++++
 2 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index eb88cd256d0c2e45e1528e8a867e42354215cc7f..890bf1eb3cc5fc0b6eb6f7a145aee6d87945cd8d 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -1091,6 +1091,7 @@ sysdb_remove_ghostattr_from_groups(struct sysdb_ctx *sysdb,
 struct ldb_dn *tmpdn;
 const char *group_attrs[] = {SYSDB_NAME, SYSDB_GHOST, SYSDB_ORIG_MEMBER, NULL};
 const char *userdn;
+ char *sanitized_name;
 char *filter;
 errno_t ret = EOK;
 size_t group_count = 0;
@@ -1101,7 +1102,13 @@ sysdb_remove_ghostattr_from_groups(struct sysdb_ctx *sysdb,
 return ENOENT;
 }
- filter = talloc_asprintf(tmp_ctx, "(|(%s=%s)", SYSDB_GHOST, name);
+ ret = sss_filter_sanitize(tmp_ctx, name, &sanitized_name);
+ if (ret != EOK) {
+ goto done;
+ }
+
+ filter = talloc_asprintf(tmp_ctx, "(|(%s=%s)",
+ SYSDB_GHOST, sanitized_name);
 if (!filter) {
 ret = ENOMEM;
 goto done;
diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c
index bf964fd76d33bbceac6c1846db7a5011db1375f5..ddbf6f28fd5024945fedcb3c6e2122948c4f1459 100644
--- a/src/tests/sysdb-tests.c
+++ b/src/tests/sysdb-tests.c
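Review bot: The filter in sysdb_remove_ghostattr_from_groups is opened as `(|(%s=%s)` and closed later, outside this hunk, so the new sss_filter_sanitize call covers only the first term. If further ghost values (aliases, for instance) are appended to this filter before it is closed — I cannot see that code here — they need the same escaping, otherwise the EIO from the ticket, or a value that changes the filter's meaning, just moves to the next term. A comment at the talloc_asprintf would pin the contract for whoever extends it: `/* every value appended to this filter must go through sss_filter_sanitize first */`. Note also that `sanitized_name` is declared uninitialized in the first hunk and assigned only on the EOK path, which is fine as long as nothing after `done:` reads it.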
@@ -3900,6 +3900,8 @@ START_TEST(test_odd_characters)
 struct ldb_message *msg;
 const struct ldb_val *val;
 const char odd_username[] = "*(odd)\\user,name";
+ const char odd_username_orig_dn[] =
+ "\\2a\\28odd\\29\\5cuser,name,cn=users,dc=example,dc=com";
 const char odd_groupname[] = "*(odd\\*)\\group,name";
 const char odd_netgroupname[] = "*(odd\\*)\\netgroup,name";
 const char *received_user;
@@ -4010,6 +4012,23 @@ START_TEST(test_odd_characters)
 fail_unless(ret == EOK, "sysdb_delete_group error [%d][%s]",
 ret, strerror(ret));
+ /* Add */
+ ret = sysdb_add_user(test_ctx->sysdb,
+ test_ctx->domain,
+ odd_username,
+ 10000, 0,
+ "","","",
+ odd_username_orig_dn,
+ NULL, 5400, 0);
+ fail_unless(ret == EOK, "sysdb_add_user error [%d][%s]",
+ ret, strerror(ret));
+
+ /* Delete User */
+ ret = sysdb_delete_user(test_ctx->sysdb, test_ctx->domain,
+ odd_username, 10000);
+ fail_unless(ret == EOK, "sysdb_delete_user error [%d][%s]",
+ ret, strerror(ret));
+
 /* ===== Netgroups ===== */
 /* Add */
 ret = sysdb_add_netgroup(test_ctx->sysdb, test_ctx->domain,
-- 
1.8.4.2
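Review bot: The new sysdb_add_user call in the second hunk only reaches the code fixed in sysdb_remove_ghostattr_from_groups if the test domain has enumeration disabled, as the commit message states; the domain setup is outside this hunk, so if the sysdb test fixture enumerates, this addition passes with or without the fix. A comment should state that precondition, e.g. `/* Add user with orig DN: with enumeration disabled this triggers ghost-attr removal, which must sanitize the odd name (ticket 2163) */`, and if the fixture does enumerate, a fail_unless on the domain's enumerate setting would make the test fail loudly instead of silently testing nothing. The `/* Add */` comment also duplicates the netgroup `/* Add */` three lines below it, so `/* Add user */` would read better. The empty-string arguments `"","",""` to sysdb_add_user are unexplained; a short comment naming the parameters they fill would help a reader who does not have the prototype open.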