]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
auth:creds: Add sanity check for env variables
authorAndreas Schneider <asn@samba.org>
Tue, 27 Apr 2021 14:11:48 +0000 (16:11 +0200)
committerAndrew Bartlett <abartlet@samba.org>
Tue, 29 Jun 2021 02:19:35 +0000 (02:19 +0000)
CID 710829

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
auth/credentials/credentials.c

index 6615ef5cb603d5167fcfe9015bf0787db9b684c6..49b350dc0d3e04bf1778bd2045567650c87553ea 100644 (file)
@@ -1157,38 +1157,65 @@ _PUBLIC_ bool cli_credentials_set_conf(struct cli_credentials *cred,
 _PUBLIC_ void cli_credentials_guess(struct cli_credentials *cred,
                           struct loadparm_context *lp_ctx)
 {
-       char *p;
        const char *error_string;
+       const char *env = NULL;
 
        if (lp_ctx != NULL) {
                cli_credentials_set_conf(cred, lp_ctx);
        }
-       
-       if (getenv("LOGNAME")) {
-               cli_credentials_set_username(cred, getenv("LOGNAME"), CRED_GUESS_ENV);
+
+       env = getenv("LOGNAME");
+       if (env != NULL) {
+               size_t len = strlen(env);
+
+               if (len > 0 && len <= 1024) {
+                       cli_credentials_set_username(cred, env, CRED_GUESS_ENV);
+               }
        }
 
-       if (getenv("USER")) {
-               cli_credentials_parse_string(cred, getenv("USER"), CRED_GUESS_ENV);
-               if ((p = strchr_m(getenv("USER"),'%'))) {
-                       memset(p,0,strlen(cred->password));
+       env = getenv("USER");
+       if (env != NULL) {
+               size_t len = strlen(env);
+
+               if (len > 0 && len <= 1024) {
+                       char *p = NULL;
+
+                       cli_credentials_parse_string(cred, env, CRED_GUESS_ENV);
+                       if ((p = strchr_m(env, '%'))) {
+                               memset(p, '\0', strlen(cred->password));
+                       }
                }
        }
 
-       if (getenv("PASSWD")) {
-               cli_credentials_set_password(cred, getenv("PASSWD"), CRED_GUESS_ENV);
+       env = getenv("PASSWD");
+       if (env != NULL) {
+               size_t len = strlen(env);
+
+               if (len > 0 && len <= 1024) {
+                       cli_credentials_set_password(cred, env, CRED_GUESS_ENV);
+               }
        }
 
-       if (getenv("PASSWD_FD")) {
-               cli_credentials_parse_password_fd(cred, atoi(getenv("PASSWD_FD")), 
-                                                 CRED_GUESS_FILE);
+       env = getenv("PASSWD");
+       if (env != NULL) {
+               size_t len = strlen(env);
+
+               if (len > 0 && len <= 1024) {
+                       int fd = atoi(env);
+
+                       cli_credentials_parse_password_fd(cred, fd, CRED_GUESS_FILE);
+               }
        }
-       
-       p = getenv("PASSWD_FILE");
-       if (p && p[0]) {
-               cli_credentials_parse_password_file(cred, p, CRED_GUESS_FILE);
+
+       env = getenv("PASSWD_FILE");
+       if (env != NULL) {
+               size_t len = strlen(env);
+
+               if (len > 0 && len <= 4096) {
+                       cli_credentials_parse_password_file(cred, env, CRED_GUESS_FILE);
+               }
        }
-       
+
        if (lp_ctx != NULL &&
            cli_credentials_get_kerberos_state(cred) != CRED_USE_KERBEROS_DISABLED) {
                cli_credentials_set_ccache(cred, lp_ctx, NULL, CRED_GUESS_FILE,