[PATCH] Setting nTSecurityDescriptor via LDAP fails
Zahari Zahariev
zahari.zahariev at postpath.com
Fri Mar 20 10:53:16 GMT 2009
Hello,
I am sending again the patch for nTSecurityDescriptor bug with LDAP
(null character '\0' issue in the middle of object property value).
Hope it is OK now.
-Zahari, Sofia
-------------- next part --------------
>From 49b57287305ca8ba5106fc04dacbfbf8c69161af Mon Sep 17 00:00:00 2001
From: zahari <zahari at darkstar.zahari.local>
Date: Fri, 20 Mar 2009 12:03:29 +0200
Subject: [PATCH] Setting nTSecurityDescriptor via LDAP fails
The fix replaces talloc_strndup() with talloc_memdup(), allocates one
extra byte, and writes a null character ('\0') into that extra byte so
the copied data is null terminated.
---
source4/lib/ldb/pyldb.c | 6 ++++--
source4/lib/ldb/tests/python/ldap.py | 14 ++++++++++++++
2 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/source4/lib/ldb/pyldb.c b/source4/lib/ldb/pyldb.c
index 81b9609..aa3f02b 100644
--- a/source4/lib/ldb/pyldb.c
+++ b/source4/lib/ldb/pyldb.c
@@ -1273,9 +1273,11 @@ struct ldb_message_element *PyObject_AsMessageElement(TALLOC_CTX *mem_ctx,
me->num_values = 1;
me->values = talloc_array(me, struct ldb_val, me->num_values);
me->values[0].length = PyString_Size(set_obj);
- me->values[0].data = (uint8_t *)talloc_strndup(me->values,
+ me->values[0].data = (uint8_t *)talloc_memdup(me->values,
PyString_AsString(set_obj),
- me->values[0].length);
+ me->values[0].length + 1);
+ me->values[0].data[me->values[0].length] = '\0';
+
} else if (PySequence_Check(set_obj)) {
int i;
me->num_values = PySequence_Size(set_obj);
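Review bot: The pointer returned by `talloc_memdup()` is written through on the very next added line without a NULL check, so an allocation failure becomes a NULL dereference at `me->values[0].data[me->values[0].length] = '\0';`. The `talloc_array()` result on the context line above is indexed unchecked in the same way. I would guard the write with something like `if (me->values[0].data == NULL) { PyErr_NoMemory(); return NULL; }`, adjusted to whatever cleanup and error convention the rest of PyObject_AsMessageElement uses, since the function starts and ends outside this hunk. Copying `length + 1` bytes relies on the buffer from `PyString_AsString()` already carrying a trailing NUL, so a short comment such as `/* length + 1: keep embedded NULs in binary values (e.g. security descriptors) and still NUL-terminate */` would record why the size differs from `values[0].length`.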
diff --git a/source4/lib/ldb/tests/python/ldap.py b/source4/lib/ldb/tests/python/ldap.py
index a30273f..1824053 100755
--- a/source4/lib/ldb/tests/python/ldap.py
+++ b/source4/lib/ldb/tests/python/ldap.py
@@ -90,6 +90,20 @@ class BasicTests(unittest.TestCase):
except LdbError, (num, _):
self.assertEquals(num, ERR_NO_SUCH_OBJECT)
+ def test_zero_byte_string(self):
+ """ Testing we do not get trapped in the '\0' byte in a property string"""
+ user_dn = "cn=ldaptestuser,cn=users," + self.base_dn
+ self.delete_force(self.ldb, user_dn)
+ ldb.add({
+ "dn" : user_dn,
+ "objectclass" : "user",
+ "cN" : "LDAPtestUSER",
+ "givenname" : "ldap",
+ "displayname" : "foo\0bar",
+ })
+ res = self.ldb.search( self.base_dn, expression="(dn=%s)" % user_dn )
+ self.assertEquals( "foo\0bar", res[0]["displayname"][0] )
+
def test_all(self):
"""Basic tests"""
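Review bot: The new test calls `ldb.add({...})` while the calls around it go through `self.ldb`; this only works if `ldb` is a module-level connection, which is not visible here, so `self.ldb.add({` would keep the test on the fixture's handle. The docstring is an ordinary string literal, so the `'\0'` in it embeds a real NUL byte in the source text; a raw docstring (`r""" ... """`) or `'\\0'` avoids that. The test also indexes `res[0]` without first asserting `len(res) == 1` and leaves the created user behind, so I would add `self.assertEquals(len(res), 1)` before the comparison and a closing `self.delete_force(self.ldb, user_dn)`.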
--
1.5.6.3