From: Andreas Schneider Date: Tue, 5 Aug 2025 13:25:54 +0000 (+0200) Subject: auth:creds: Validate realm names in set_realm and set_principal X-Git-Tag: samba-4.23.0rc3~12 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e9b5835127f84b9503f1ce0d363b5c86f463923c;p=thirdparty%2Fsamba.git auth:creds: Validate realm names in set_realm and set_principal See also https://web.mit.edu/kerberos/krb5-latest/doc/admin/realm_config.html#realm-name BUG: https://bugzilla.samba.org/show_bug.cgi?id=15893 Signed-off-by: Andreas Schneider Reviewed-by: Alexander Bokovoy (cherry picked from commit e848671f34f969634d55eb7b846d70e6334034ae) --- diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c index 1a64a2d8cdc..777bf53430d 100644 --- a/auth/credentials/credentials.c +++ b/auth/credentials/credentials.c @@ -33,6 +33,18 @@ #include "system/filesys.h" #include "system/passwd.h" +static bool str_is_ascii(const char *s) { + if (s != NULL) { + for (; s[0] != '\0'; s++) { + if (!isascii(s[0])) { + return false; + } + } + } + + return true; +} + /** * Create a new credentials structure * @param mem_ctx TALLOC_CTX parent for credentials structure @@ -435,6 +447,14 @@ _PUBLIC_ bool cli_credentials_set_principal(struct cli_credentials *cred, /* If `val = NULL` is passed, principal is reset */ cred->principal = NULL; if (val != NULL) { + char *p = strchr(val, '@'); + if (p != NULL) { + /* For realm names, only ASCII is allowed */ + if (!str_is_ascii(p + 1)) { + return false; + } + } + cred->principal = talloc_strdup(cred, val); if (cred->principal == NULL) { return false; @@ -951,6 +971,11 @@ _PUBLIC_ bool cli_credentials_set_realm(struct cli_credentials *cred, /* If `val = NULL` is passed, realm is reset */ cred->realm = NULL; if (val != NULL) { + /* For realm names, only ASCII is allowed */ + if (!str_is_ascii(val)) { + return false; + } + cred->realm = strupper_talloc(cred, val); if (cred->realm == NULL) { return false;