diff options
author | Swen Schillig <swen@linux.ibm.com> | 2019-01-29 14:21:25 +0100 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2019-03-01 00:32:11 +0000 |
commit | ea7231dcc0b50c535f913f0542d600d0b2119a21 (patch) | |
tree | 517658a92fbbde53fa5e0f0af61d89cd4c7b3500 /nsswitch | |
parent | 81cc7a35189fffc0538997e739f4556142ae5458 (diff) | |
download | samba-ea7231dcc0b50c535f913f0542d600d0b2119a21.tar.gz |
libwbclient: Use wrapper for string to integer conversion
In order to detect an value overflow error during
the string to integer conversion with strtoul/strtoull,
the errno variable must be set to zero before the execution and
checked after the conversion is performed. This is achieved by
using the wrapper function strtoul_err and strtoull_err.
Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Ralph Böhme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Diffstat (limited to 'nsswitch')
-rw-r--r-- | nsswitch/libwbclient/wbc_idmap.c | 10 | ||||
-rw-r--r-- | nsswitch/libwbclient/wbc_sid.c | 36 | ||||
-rw-r--r-- | nsswitch/libwbclient/wscript | 2 |
3 files changed, 27 insertions, 21 deletions
diff --git a/nsswitch/libwbclient/wbc_idmap.c b/nsswitch/libwbclient/wbc_idmap.c index 6876a95316c..6af96bddb59 100644 --- a/nsswitch/libwbclient/wbc_idmap.c +++ b/nsswitch/libwbclient/wbc_idmap.c @@ -24,6 +24,7 @@ #include "replace.h" #include "libwbclient.h" #include "../winbind_client.h" +#include "lib/util/util.h" /* Convert a Windows SID to a Unix uid, allocating an uid if needed */ wbcErr wbcCtxSidToUid(struct wbcContext *ctx, const struct wbcDomainSid *sid, @@ -374,26 +375,27 @@ wbcErr wbcCtxSidsToUnixIds(struct wbcContext *ctx, for (i=0; i<num_sids; i++) { struct wbcUnixId *id = &ids[i]; char *q; + int error = 0; switch (p[0]) { case 'U': id->type = WBC_ID_TYPE_UID; - id->id.uid = strtoul(p+1, &q, 10); + id->id.uid = strtoul_err(p+1, &q, 10, &error); break; case 'G': id->type = WBC_ID_TYPE_GID; - id->id.gid = strtoul(p+1, &q, 10); + id->id.gid = strtoul_err(p+1, &q, 10, &error); break; case 'B': id->type = WBC_ID_TYPE_BOTH; - id->id.uid = strtoul(p+1, &q, 10); + id->id.uid = strtoul_err(p+1, &q, 10, &error); break; default: id->type = WBC_ID_TYPE_NOT_SPECIFIED; q = strchr(p, '\n'); break; }; - if (q == NULL || q[0] != '\n') { + if (q == NULL || q[0] != '\n' || error != 0) { goto wbc_err_invalid; } p = q+1; diff --git a/nsswitch/libwbclient/wbc_sid.c b/nsswitch/libwbclient/wbc_sid.c index 77445afc5e9..514a7e8d738 100644 --- a/nsswitch/libwbclient/wbc_sid.c +++ b/nsswitch/libwbclient/wbc_sid.c @@ -26,6 +26,7 @@ #include "replace.h" #include "libwbclient.h" #include "../winbind_client.h" +#include "lib/util/util.h" /* Convert a sid to a string into a buffer. Return the string * length. If buflen is too small, return the string length that would @@ -99,6 +100,7 @@ wbcErr wbcStringToSid(const char *str, { const char *p; char *q; + int error = 0; uint64_t x; wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; @@ -120,8 +122,8 @@ wbcErr wbcStringToSid(const char *str, /* Get the SID revision number */ p = str+2; - x = (uint64_t)strtoul(p, &q, 10); - if (x==0 || x > UINT8_MAX || !q || *q!='-') { + x = (uint64_t)strtoul_err(p, &q, 10, &error); + if (x == 0 || x > UINT8_MAX || !q || *q != '-' || error != 0) { wbc_status = WBC_ERR_INVALID_SID; BAIL_ON_WBC_ERROR(wbc_status); } @@ -133,8 +135,8 @@ wbcErr wbcStringToSid(const char *str, * be expressed as a hex value, according to MS-DTYP. */ p = q+1; - x = strtoull(p, &q, 0); - if (!q || *q!='-' || (x & AUTHORITY_MASK)) { + x = strtoull_err(p, &q, 0, &error); + if (!q || *q != '-' || (x & AUTHORITY_MASK) || error != 0) { wbc_status = WBC_ERR_INVALID_SID; BAIL_ON_WBC_ERROR(wbc_status); } @@ -149,10 +151,10 @@ wbcErr wbcStringToSid(const char *str, p = q +1; sid->num_auths = 0; while (sid->num_auths < WBC_MAXSUBAUTHS) { - x = strtoull(p, &q, 10); + x = strtoull_err(p, &q, 10, &error); if (p == q) break; - if (x > UINT32_MAX) { + if (x > UINT32_MAX || error != 0) { wbc_status = WBC_ERR_INVALID_SID; BAIL_ON_WBC_ERROR(wbc_status); } @@ -337,6 +339,7 @@ wbcErr wbcCtxLookupSids(struct wbcContext *ctx, char *sidlist, *p, *q, *extra_data; struct wbcDomainInfo *domains = NULL; struct wbcTranslatedName *names = NULL; + int error = 0; buflen = num_sids * (WBC_SID_STRING_BUFLEN + 1) + 1; @@ -386,8 +389,8 @@ wbcErr wbcCtxLookupSids(struct wbcContext *ctx, p = extra_data; - num_domains = strtoul(p, &q, 10); - if (*q != '\n') { + num_domains = strtoul_err(p, &q, 10, &error); + if (*q != '\n' || error != 0) { goto wbc_err_invalid; } p = q+1; @@ -426,8 +429,8 @@ wbcErr wbcCtxLookupSids(struct wbcContext *ctx, p = q+1; } - num_names = strtoul(p, &q, 10); - if (*q != '\n') { + num_names = strtoul_err(p, &q, 10, &error); + if (*q != '\n' || error != 0) { goto wbc_err_invalid; } p = q+1; @@ -446,8 +449,8 @@ wbcErr wbcCtxLookupSids(struct wbcContext *ctx, for (i=0; i<num_names; i++) { - names[i].domain_index = strtoul(p, &q, 10); - if (names[i].domain_index < 0) { + names[i].domain_index = strtoul_err(p, &q, 10, &error); + if (names[i].domain_index < 0 || error != 0) { goto wbc_err_invalid; } if (names[i].domain_index >= num_domains) { @@ -459,8 +462,8 @@ wbcErr wbcCtxLookupSids(struct wbcContext *ctx, } p = q+1; - names[i].type = strtoul(p, &q, 10); - if (*q != ' ') { + names[i].type = strtoul_err(p, &q, 10, &error); + if (*q != ' ' || error != 0) { goto wbc_err_invalid; } p = q+1; @@ -515,6 +518,7 @@ wbcErr wbcCtxLookupRids(struct wbcContext *ctx, struct wbcDomainSid *dom_sid, size_t i, len, ridbuf_size; char *ridlist; char *p; + int error = 0; struct winbindd_request request; struct winbindd_response response; char *domain_name = NULL; @@ -581,9 +585,9 @@ wbcErr wbcCtxLookupRids(struct wbcContext *ctx, struct wbcDomainSid *dom_sid, goto done; } - types[i] = (enum wbcSidType)strtoul(p, &q, 10); + types[i] = (enum wbcSidType)strtoul_err(p, &q, 10, &error); - if (*q != ' ') { + if (*q != ' ' || error != 0) { wbc_status = WBC_ERR_INVALID_RESPONSE; goto done; } diff --git a/nsswitch/libwbclient/wscript b/nsswitch/libwbclient/wscript index 7bb612d670a..d926067df91 100644 --- a/nsswitch/libwbclient/wscript +++ b/nsswitch/libwbclient/wscript @@ -37,7 +37,7 @@ def build(bld): wbc_pwd.c wbc_sid.c wbc_util.c''', - deps='winbind-client', + deps='winbind-client samba-util', pc_files='wbclient.pc', public_headers='wbclient.h', abi_directory='ABI', |