From: Stefan Metzmacher
Date: Mon, 1 Feb 2016 22:04:04 +0000 (+0100)
Subject: s4:dsdb/samldb: check for valid lDAPDisplayName vaues on add()
X-Git-Tag: tevent-0.9.28~15
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=3f0fbfa7b2eac8e54ce165564cf6f33dd1821644;p=thirdparty%2Fsamba.git

s4:dsdb/samldb: check for valid lDAPDisplayName vaues on add()

This still leaves modifies(), but that's a task for another day.

Signed-off-by: Stefan Metzmacher
Reviewed-by: Garming Sam
Reviewed-by: Andrew Bartlett
---

diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index 2394bd9851e..479f89ad9a4 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -683,6 +683,7 @@ static int samldb_fill_object(struct samldb_ctx *ac)
 } case SAMLDB_TYPE_CLASS: { + const char *lDAPDisplayName = NULL; const struct ldb_val *rdn_value, *def_obj_cat_val; unsigned int v = ldb_msg_find_attr_as_uint(ac->msg, "objectClassCategory", -2);
@@ -719,6 +720,20 @@ static int samldb_fill_object(struct samldb_ctx *ac)
 } } + lDAPDisplayName = ldb_msg_find_attr_as_string(ac->msg, "lDAPDisplayName", NULL); + ret = ldb_valid_attr_name(lDAPDisplayName); + if (ret != 1 || lDAPDisplayName[0] == '*' || lDAPDisplayName[0] == '@') { + return dsdb_module_werror(ac->module, LDB_ERR_UNWILLING_TO_PERFORM, WERR_DS_INVALID_LDAP_DISPLAY_NAME, "lDAPDisplayName is invalid"); + } + if (!ldb_msg_find_element(ac->msg, "schemaIDGUID")) { struct GUID guid; /* a new GUID */
@@ -780,6 +795,7 @@ static int samldb_fill_object(struct samldb_ctx *ac)
 } case SAMLDB_TYPE_ATTRIBUTE: { + const char *lDAPDisplayName = NULL; const struct ldb_val *rdn_value; struct ldb_message_element *el; rdn_value = ldb_dn_get_rdn_val(ac->msg->dn); 
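Review bot: The new check in the SAMLDB_TYPE_CLASS hunk (@@ -719) only avoids reading `lDAPDisplayName[0]` on a request that omits lDAPDisplayName (ldb_msg_find_attr_as_string() is called with a NULL default) because it relies on ldb_valid_attr_name() returning something other than 1 for NULL so the `||` short-circuits; that contract lives outside this file and should be spelled out in the condition, e.g. `if (lDAPDisplayName == NULL || ret != 1 ||`. The `'*'`/`'@'` exclusions also deserve a one-line comment, presumably they exist because ldb_valid_attr_name() accepts those as a leading character for ldb's own special records and wildcard attribute: `/* ldb_valid_attr_name() allows a leading '@'/'*' for ldb's special names; neither is a valid schema name */`. Since ldb_msg_find_attr_as_string() yields a single string, only one value is validated when a client sends several lDAPDisplayName values; that is acceptable if a later module enforces single-valuedness for this attribute, but it is worth confirming. samldb_fill_object() starts and ends outside the hunk.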
@@ -797,6 +813,20 @@ static int samldb_fill_object(struct samldb_ctx *ac) } } + lDAPDisplayName = ldb_msg_find_attr_as_string(ac->msg, + "lDAPDisplayName", + NULL); + ret = ldb_valid_attr_name(lDAPDisplayName); + if (ret != 1 || + lDAPDisplayName[0] == '*' || + lDAPDisplayName[0] == '@') + { + return dsdb_module_werror(ac->module, + LDB_ERR_UNWILLING_TO_PERFORM, + WERR_DS_INVALID_LDAP_DISPLAY_NAME, + "lDAPDisplayName is invalid"); + } + /* do not allow one to mark an attributeSchema as RODC filtered if it * is system-critical */ if (check_rodc_critical_attribute(ac->msg)) {
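Review bot: The validation block added in the SAMLDB_TYPE_ATTRIBUTE case is a verbatim copy of the one added to the SAMLDB_TYPE_CLASS case earlier in this commit, and the commit message already promises a third copy for the modify path; two identical 14-line blocks will drift the first time a rule is added or an error code changes. Extract the check into a static helper called from both cases so there is one place to document why `'*'` and `'@'` are rejected on top of ldb_valid_attr_name(), and make the missing-attribute case explicit instead of relying on ldb_valid_attr_name() rejecting NULL before `lDAPDisplayName[0]` is read. The `ret`/`lDAPDisplayName` locals introduced by this commit then reduce to a single call at each site. samldb_fill_object() starts and ends outside the hunk.
```c
/*
 * Reject a classSchema/attributeSchema lDAPDisplayName that is missing,
 * is not a syntactically valid ldb attribute name, or starts with '@' or
 * '*' (ldb reserves those for its special records and the wildcard
 * attribute, so ldb_valid_attr_name() does not reject them on its own).
 */
static int samldb_check_lDAPDisplayName(struct samldb_ctx *ac)
{
	const char *name = ldb_msg_find_attr_as_string(ac->msg,
						       "lDAPDisplayName",
						       NULL);

	if (name == NULL ||
	    ldb_valid_attr_name(name) != 1 ||
	    name[0] == '*' ||
	    name[0] == '@')
	{
		return dsdb_module_werror(ac->module,
					  LDB_ERR_UNWILLING_TO_PERFORM,
					  WERR_DS_INVALID_LDAP_DISPLAY_NAME,
					  "lDAPDisplayName is invalid");
	}

	return LDB_SUCCESS;
}

/* … in SAMLDB_TYPE_ATTRIBUTE (and likewise SAMLDB_TYPE_CLASS), replacing the inline block … */
		ret = samldb_check_lDAPDisplayName(ac);
		if (ret != LDB_SUCCESS) {
			return ret;
		}
```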