r8083: check attribute type is valid (only ascii alphanum chars and '-' char)

author Simo Sorce <idra@samba.org>

Sat, 2 Jul 2005 18:34:13 +0000 (18:34 +0000)

committer Gerald (Jerry) Carter <jerry@samba.org>

Wed, 10 Oct 2007 18:19:06 +0000 (13:19 -0500)
author Simo Sorce <idra@samba.org>
Sat, 2 Jul 2005 18:34:13 +0000 (18:34 +0000)
committer Gerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 18:19:06 +0000 (13:19 -0500)
diff --git a/source4/lib/ldb/common/ldb_dn.c b/source4/lib/ldb/common/ldb_dn.c

index 18b620b5061fed91c3c0691e8e560f5756e3925c..8b9cf4e1297d9b0f0da3e001e1cd67b95b33273b 100644 (file)
--- a/source4/lib/ldb/common/ldb_dn.c
+++ b/source4/lib/ldb/common/ldb_dn.c
@@ -41,6 +41,21 @@
  
  #define LDB_DN_NULL_FAILED(x) if (!(x)) goto failed
  
+static int ldb_dn_is_valid_attribute_name(const char *name)
+{
+       while (*name) {
+               if (! isascii(*name)) {
+                       return 0;
+               }
+               if (! (isalnum(*name) || *name == '-')) {
+                       return 0;
+               }
+               name++;
+       }
+
+       return 1;
+}
+
  static char *ldb_dn_escape_value(void *mem_ctx, struct ldb_val value)
  {
         const char *p, *s, *src;
@@ -250,6 +265,10 @@ static struct ldb_dn_component ldb_dn_explode_component(void *mem_ctx, char *raw
         if (!dc.name)
                 return dc;
  
+       if (! ldb_dn_is_valid_attribute_name(dc.name)) {
+               goto failed;
+       }
+
         ret = get_quotes_position(p, &qs, &qe);
  
         switch (ret) {
author	Simo Sorce <idra@samba.org>
	Sat, 2 Jul 2005 18:34:13 +0000 (18:34 +0000)
committer	Gerald (Jerry) Carter <jerry@samba.org>
	Wed, 10 Oct 2007 18:19:06 +0000 (13:19 -0500)