Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
View | Details | Raw Unified | Return to bug 63211
Collapse All | Expand All

(-)nss_ldap-220/ldap-parse.h (+5 lines)
Lines 33-38 Link Here
33 
	LA_INIT(a); \
 33 
	LA_INIT(a); \
34 
	LA_STRING(a) = NSS_ARGS(args)->key.name; \
 34 
	LA_STRING(a) = NSS_ARGS(args)->key.name; \
35 
	LA_TYPE(a) = LA_TYPE_STRING; \
 35 
	LA_TYPE(a) = LA_TYPE_STRING; \
36 
	if (! is_valid_username (name) \
37 
	{ \
38 
		syslog(LOG_INFO, "Invalid username %s", name); \
39 
		return NSS_STATUS_NOTFOUND; \
40 
	} \
36 
	s = _nss_ldap_getbyname(&a, \
 41 
	s = _nss_ldap_getbyname(&a, \
37 
		NSS_ARGS(args)->buf.result, \
 42 
		NSS_ARGS(args)->buf.result, \
38 
		NSS_ARGS(args)->buf.buffer, \
 43 
		NSS_ARGS(args)->buf.buffer, \
(-)nss_ldap-220/util.c (+15 lines)
Lines 1058-1060 Link Here
1058 

          1058
          

        

        

          1059
          
  return ret;

          1059
          
  return ret;

        

        

          1060
          
}

          1060
          
}

        

            

              
              
              1061
              

            

            

              1062
              
int is_valid_username(char *user)

            

            

              1063
              
{

            

            

              1064
              
        unsigned char *p;

            

            

              1065
              

            

            

              1066
              
/* This is pretty liberal, but we're going to use direct syscalls only,

            

            

              1067
              
 * and they have to accept all the printable characters */

            

            

              1068
              
        for (p = (unsigned char *)user; *p; p++)

            

            

              1069
              
                if (*p < ' ' || *p > 0x7E || *p == '.' || *p == '/') return 0;

            

            

              1070
              

            

            

              1071
              
        if (p - (unsigned char *)user > NAME_MAX) return 0;

            

            

              1072
              

            

            

              1073
              
        return 1;

            

            

              1074
              
}

            

            

              1075
              

            



(-)nss_ldap-220/util.h
      (+2 lines)




  

    
      
            Lines 131-136
          
      
      
        Link Here
      
    
  

        

          131
          
NSS_STATUS _nss_ldap_escape_string (const char *str,

          131
          
NSS_STATUS _nss_ldap_escape_string (const char *str,

        

        

          132
          
				    char *buf, size_t buflen);

          132
          
				    char *buf, size_t buflen);

        

        

          133
          

          133
          

        

            

              
              
              134
              
int is_valid_username(char *user);

            

            

              135
              

            

        

          134
          
#define MAP_H_ERRNO(nss_status, herr)   do { \

          136
          
#define MAP_H_ERRNO(nss_status, herr)   do { \

        

        

          135
          
		switch ((nss_status)) {		\

          137
          
		switch ((nss_status)) {		\

        

        

          136
          
		case NSS_SUCCESS:		\

          138
          
		case NSS_SUCCESS:		\

        






  

  Return to bug 63211