From 0a509d518dd5d17e32e3a4c34b319a38210ba17b Mon Sep 17 00:00:00 2001

From: Lukas Slebodnik <lslebodn@redhat.com>

Date: Mon, 25 Nov 2013 16:01:59 +0100

Subject: [PATCH 9/9] SYSDB: Sanitize filter before removing ghost attrs

sysdb_add_user fails with EIO if enumeration is disabled and user contains

backslashes.

We try to remove ghost attributes from groups with disabled enumeration,

but unsanitized filter is used to find ghost attributes

"(|(ghost=usr\\\\002)" and ldb cannot parse this filter.

Resolves:

https://fedorahosted.org/sssd/ticket/2163

---

 src/db/sysdb_ops.c      |  9 ++++++++-

 src/tests/sysdb-tests.c | 19 +++++++++++++++++++

 2 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c

index eb88cd256d0c2e45e1528e8a867e42354215cc7f..890bf1eb3cc5fc0b6eb6f7a145aee6d87945cd8d 100644

--- a/src/db/sysdb_ops.c

+++ b/src/db/sysdb_ops.c

@@ -1091,6 +1091,7 @@ sysdb_remove_ghostattr_from_groups(struct sysdb_ctx *sysdb,

     struct ldb_dn *tmpdn;

     const char *group_attrs[] = {SYSDB_NAME, SYSDB_GHOST, SYSDB_ORIG_MEMBER, NULL};

     const char *userdn;

+    char *sanitized_name;

     char *filter;

     errno_t ret = EOK;

     size_t group_count = 0;

@@ -1101,7 +1102,13 @@ sysdb_remove_ghostattr_from_groups(struct sysdb_ctx *sysdb,

         return ENOENT;

     }

-    filter = talloc_asprintf(tmp_ctx, "(|(%s=%s)", SYSDB_GHOST, name);

+    ret = sss_filter_sanitize(tmp_ctx, name, &sanitized_name);

+    if (ret != EOK) {

+        goto done;

+    }

+

+    filter = talloc_asprintf(tmp_ctx, "(|(%s=%s)",

+                                      SYSDB_GHOST, sanitized_name);

     if (!filter) {

         ret = ENOMEM;

         goto done;

diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c

index bf964fd76d33bbceac6c1846db7a5011db1375f5..ddbf6f28fd5024945fedcb3c6e2122948c4f1459 100644

--- a/src/tests/sysdb-tests.c

+++ b/src/tests/sysdb-tests.c

@@ -3900,6 +3900,8 @@ START_TEST(test_odd_characters)

     struct ldb_message *msg;

     const struct ldb_val *val;

     const char odd_username[] = "*(odd)\\user,name";

+    const char odd_username_orig_dn[] =

+        "\\2a\\28odd\\29\\5cuser,name,cn=users,dc=example,dc=com";

     const char odd_groupname[] = "*(odd\\*)\\group,name";

     const char odd_netgroupname[] = "*(odd\\*)\\netgroup,name";

     const char *received_user;

@@ -4010,6 +4012,23 @@ START_TEST(test_odd_characters)

     fail_unless(ret == EOK, "sysdb_delete_group error [%d][%s]",

                             ret, strerror(ret));

+    /* Add */

+    ret = sysdb_add_user(test_ctx->sysdb,

+                         test_ctx->domain,

+                         odd_username,

+                         10000, 0,

+                         "","","",

+                         odd_username_orig_dn,

+                         NULL, 5400, 0);

+    fail_unless(ret == EOK, "sysdb_add_user error [%d][%s]",

+                            ret, strerror(ret));

+

+    /* Delete User */

+    ret = sysdb_delete_user(test_ctx->sysdb, test_ctx->domain,

+                            odd_username, 10000);

+    fail_unless(ret == EOK, "sysdb_delete_user error [%d][%s]",

+                            ret, strerror(ret));

+

     /* ===== Netgroups ===== */

     /* Add */

     ret = sysdb_add_netgroup(test_ctx->sysdb, test_ctx->domain,

-- 

1.8.4.2