authorArthur de Jong <arthur@arthurdejong.org>2012-09-20 20:34:03 +0200
committerArthur de Jong <arthur@arthurdejong.org>2012-09-20 20:34:03 +0200
commit6d11c9da714700bfc152f1fe79d88cacada8f571 (patch)
tree6e616f6efe7581eccee02469afe723316f71c018 /nslcd/passwd.c
parent927a27faf2a934e615d58bdccbd265490146b90c (diff)
implements proper range checking of numeric values returned from LDAP (thanks Jakub Hrozek) (r1523, r1524 and r1528 from 0.8, r1600 from 0.7)
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd-0.7.15+squeeze@1772 ef36b2f9-881f-0410-afb5-c4e39611909c
Diffstat (limited to 'nslcd/passwd.c')
-rw-r--r--nslcd/passwd.c18
1 files changed, 16 insertions, 2 deletions
diff --git a/nslcd/passwd.c b/nslcd/passwd.c
index 82c5062..ec2d38b 100644
--- a/nslcd/passwd.c
+++ b/nslcd/passwd.c
@@ -338,13 +338,20 @@ static int write_passwd(TFILE *fp,MYLDAP_ENTRY *entry,const char *requser,
}
for (numuids=0;(numuids<MAXUIDS_PER_ENTRY)&&(tmpvalues[numuids]!=NULL);numuids++)
{
- uids[numuids]=(uid_t)strtol(tmpvalues[numuids],&tmp,0);
+ errno=0;
+ uids[numuids]=strtouid(tmpvalues[numuids],&tmp,0);
if ((*(tmpvalues[numuids])=='\0')||(*tmp!='\0'))
{
log_log(LOG_WARNING,"passwd entry %s contains non-numeric %s value",
myldap_get_dn(entry),attmap_passwd_uidNumber);
return 0;
}
+ else if (errno!=0)
+ {
+ log_log(LOG_WARNING,"passwd entry %s contains too large %s value",
+ myldap_get_dn(entry),attmap_passwd_uidNumber);
+ return 0;
+ }
}
}
/* get the gid for this entry */
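Review bot: The added `else if (errno!=0)` branch after `strtouid(tmpvalues[numuids],&tmp,0)` only catches overflow that the parser reports through errno, so a uidNumber with a leading minus sign or leading whitespace can still pass both checks. strtouid is defined outside this hunk; if it is built on the strtoul family, a value such as "-1" is negated and wrapped without ERANGE, and the result would be (uid_t)-1, which several POSIX calls treat as "leave unchanged" rather than as a real id. Requiring the first character to be a digit closes that gap and still rejects the empty string: `if ((!isdigit((unsigned char)*(tmpvalues[numuids])))||(*tmp!='\0'))`. The same applies to the `strtogid(gidbuf,&tmp,0)` call in the second hunk. write_passwd starts and ends outside the hunk.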
@@ -355,13 +362,20 @@ static int write_passwd(TFILE *fp,MYLDAP_ENTRY *entry,const char *requser,
myldap_get_dn(entry),attmap_passwd_gidNumber);
return 0;
}
- gid=(gid_t)strtol(gidbuf,&tmp,0);
+ errno=0;
+ gid=strtogid(gidbuf,&tmp,0);
if ((gidbuf[0]=='\0')||(*tmp!='\0'))
{
log_log(LOG_WARNING,"passwd entry %s contains non-numeric %s value",
myldap_get_dn(entry),attmap_passwd_gidNumber);
return 0;
}
+ else if (errno!=0)
+ {
+ log_log(LOG_WARNING,"passwd entry %s contains too large %s value",
+ myldap_get_dn(entry),attmap_passwd_gidNumber);
+ return 0;
+ }
/* get the gecos for this entry */
attmap_get_value(entry,attmap_passwd_gecos,gecos,sizeof(gecos));
/* get the home directory for this entry */
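Review bot: Base `0` in `gid=strtogid(gidbuf,&tmp,0);` lets the directory value be parsed as octal or hexadecimal, so a gidNumber stored as `010` is mapped to gid 8 and `0x10` to gid 16. Other consumers of the same attribute are likely to read it as decimal, and two systems disagreeing about which group an entry belongs to is an access-control problem, not just a cosmetic one. Passing an explicit base, `gid=strtogid(gidbuf,&tmp,10);`, keeps the mapping unambiguous; the `strtouid(...,0)` call in the first hunk has the same base argument. Separately, the "too large" warning is logged for any non-zero errno, so a short comment such as `/* errno is ERANGE when the value does not fit in gid_t */` above the new branch would record what the check relies on.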