This is the mail archive of the cygwin-cvs@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[newlib-cygwin] Don't allow fully qualified Windows account names.


https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=1c7ac6e19028bc93f237557e781f1bf98ee29ea5

commit 1c7ac6e19028bc93f237557e781f1bf98ee29ea5
Author: Corinna Vinschen <corinna@vinschen.de>
Date:   Tue Mar 31 11:54:34 2015 +0200

    Don't allow fully qualified Windows account names.
    
    	* uinfo.cc (pwdgrp::fetch_account_from_windows): Don't allow fully
    	qualified Windows account names (domain\user or user@domain).
    
    Signed-off-by: Corinna Vinschen <corinna@vinschen.de>

Diff:
---
 winsup/cygwin/ChangeLog | 5 +++++
 winsup/cygwin/uinfo.cc  | 7 +++++++
 2 files changed, 12 insertions(+)

diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index 09749e0..0e23b03 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,5 +1,10 @@
 2015-03-31  Corinna Vinschen  <corinna@vinschen.de>
 
+	* uinfo.cc (pwdgrp::fetch_account_from_windows): Don't allow fully
+	qualified Windows account names (domain\user or user@domain).
+
+2015-03-31  Corinna Vinschen  <corinna@vinschen.de>
+
 	* localtime.cc (tzset_unlocked): Export as _tzset_unlocked.
 
 2015-03-30  Yaakov Selkowitz  <yselkowi@redhat.com>
diff --git a/winsup/cygwin/uinfo.cc b/winsup/cygwin/uinfo.cc
index f78e484..6186327 100644
--- a/winsup/cygwin/uinfo.cc
+++ b/winsup/cygwin/uinfo.cc
@@ -1827,6 +1827,13 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap)
       fq_name = false;
       /* Copy over to wchar for search. */
       sys_mbstowcs (name, UNLEN + 1, arg.name);
+      /* If the incoming name has a backslash or at sign, and neither backslash
+	 nor at are the domain separator chars, the name is invalid. */
+      if ((p = wcspbrk (name, L"\\@")) && *p != cygheap->pg.nss_separator ()[0])
+	{
+	  debug_printf ("Invalid account name <%s> (backslash/at)", arg.name);
+	  return NULL;
+	}
       /* Replace domain separator char with backslash and make sure p is NULL
 	 or points to the backslash. */
       if ((p = wcschr (name, cygheap->pg.nss_separator ()[0])))


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]