s4-dsdb Return an error if we can't convert UTF16MUNGED -> UTF8

The UTF16MUNGED helper will map all invalid sequences (except odd
input length) to valid input sequences, per the rules.  Therefore if
it fails, we need to bail out, somehing serious is wrong.

Andrew Bartlett

diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
index 9b6cf8cd35abdbc8450c6410c3fa804a65180a9f..acf48d31f90d2a32455e6bd625ade24f6bbc04ab 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -1325,8 +1325,12 @@ static int setup_given_passwords(struct setup_password_fields_io *io,
                                           g->cleartext_utf16->length,
                                           (void *)&cleartext_utf8_str,
                                           &converted_pw_len, false)) {
-                       /* We can't bail out entirely, as these unconvertable passwords are frustratingly valid */
+                       /* We must bail out here, the input wasn't even a multiple of 2 bytes */
                        talloc_free(cleartext_utf8_blob);
+                       ldb_asprintf_errstring(ldb,
+                                              "setup_password_fields: "
+                                              "UTF16 password for user %s had odd length (length must be a multiple of 2)", io->u.sAMAccountName);
+                       return LDB_ERR_OPERATIONS_ERROR;
                } else {
                        *cleartext_utf8_blob = data_blob_const(cleartext_utf8_str,
                                                               converted_pw_len);