The branch, master has been updated via 2a00138 s4-dsdb/schema_syntax: Separate validation for numericoid OID values via 14cb61d asn1_tests: Implement negative unit-tests for ber_write_OID_String() via 6b63ad6 asn1: ber_write_OID_String() to be more picky about supplied OID from c74ef7a waf: Mark the replacement zlib private so that it can build on machine without a system zlib
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 2a001381e88b18b8612cdc2a40d9ea3c825548ea Author: Kamen Mazdrashki <kame...@samba.org> Date: Wed Oct 20 13:49:46 2010 +0300 s4-dsdb/schema_syntax: Separate validation for numericoid OID values This implementation doesn't use prefixMap/Schema to validate numericoid OIDs. We may not have this OID yet, so I see no point checking schema for if we have it. Side effect of using prefixMap/Schema for validating numericoids is that we mistakenly add the OID to the prefixMap. This led to a corrupted prefixMap in LDB. Autobuild-User: Kamen Mazdrashki <kame...@samba.org> Autobuild-Date: Thu Oct 21 23:32:26 UTC 2010 on sn-devel-104 commit 14cb61da8fe4fb24c3e066e5731d0be00ddb893b Author: Kamen Mazdrashki <kame...@samba.org> Date: Wed Oct 20 13:46:34 2010 +0300 asn1_tests: Implement negative unit-tests for ber_write_OID_String() commit 6b63ad6ff1bfcb7fcfb3e0f3cd4636ff222ab88f Author: Kamen Mazdrashki <kame...@samba.org> Date: Wed Oct 20 13:45:59 2010 +0300 asn1: ber_write_OID_String() to be more picky about supplied OID Now function will check for invalid OID handling cases where: - sub-identifier has invalid characters (non-digit) - 'dot' separator found on unexpected place. For instance '.' at start or end of the OID. Two '.' in a row. ----------------------------------------------------------------------- Summary of changes: lib/util/asn1.c | 5 +++ lib/util/tests/asn1_tests.c | 22 +++++++++++++++ source4/dsdb/schema/schema_syntax.c | 50 ++++++++++++++++++++++++++++++++-- 3 files changed, 74 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/util/asn1.c b/lib/util/asn1.c index 2a71f2f..21d4bd4 100644 --- a/lib/util/asn1.c +++ b/lib/util/asn1.c @@ -221,10 +221,12 @@ bool ber_write_OID_String(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, const char *OID) char *newp; int i; + if (!isdigit(*p)) return false; v = strtoul(p, &newp, 10); if (newp[0] != '.') return false; p = newp + 1; + if (!isdigit(*p)) return false; v2 = strtoul(p, &newp, 10); if (newp[0] != '.') return false; p = newp + 1; @@ -237,9 +239,12 @@ bool ber_write_OID_String(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, const char *OID) i = 1; while (*p) { + if (!isdigit(*p)) return false; v = strtoul(p, &newp, 10); if (newp[0] == '.') { p = newp + 1; + /* check for empty last component */ + if (!*p) return false; } else if (newp[0] == '\0') { p = newp; } else { diff --git a/lib/util/tests/asn1_tests.c b/lib/util/tests/asn1_tests.c index b11e9d5..97f7756 100644 --- a/lib/util/tests/asn1_tests.c +++ b/lib/util/tests/asn1_tests.c @@ -64,6 +64,17 @@ static const struct oid_data oid_data_ok[] = { }, }; +/* Data for successful OIDs conversions */ +static const char *oid_data_err[] = { + "", /* empty OID */ + ".2.5.4.130", /* first sub-identifier is empty */ + "2.5.4.130.", /* last sub-identifier is empty */ + "2..5.4.130", /* second sub-identifier is empty */ + "2.5..4.130", /* third sub-identifier is empty */ + "2.abc.4.130", /* invalid sub-identifier */ + "2.5abc.4.130", /* invalid sub-identifier (alpha-numeric)*/ +}; + /* Data for successful Partial OIDs conversions */ static const struct oid_data partial_oid_data_ok[] = { { @@ -104,6 +115,7 @@ static bool test_ber_write_OID_String(struct torture_context *tctx) mem_ctx = talloc_new(tctx); + /* check for valid OIDs */ for (i = 0; i < ARRAY_SIZE(oid_data_ok); i++) { torture_assert(tctx, ber_write_OID_String(mem_ctx, &blob, data[i].oid), "ber_write_OID_String failed"); @@ -117,6 +129,16 @@ static bool test_ber_write_OID_String(struct torture_context *tctx) data[i].oid, data[i].bin_oid)); } + /* check for invalid OIDs */ + for (i = 0; i < ARRAY_SIZE(oid_data_err); i++) { + torture_assert(tctx, + !ber_write_OID_String(mem_ctx, &blob, oid_data_err[i]), + talloc_asprintf(mem_ctx, + "Should fail for [%s] -> %s", + oid_data_err[i], + hex_encode_talloc(mem_ctx, blob.data, blob.length))); + } + talloc_free(mem_ctx); return true; diff --git a/source4/dsdb/schema/schema_syntax.c b/source4/dsdb/schema/schema_syntax.c index db53aea..d6e4527 100644 --- a/source4/dsdb/schema/schema_syntax.c +++ b/source4/dsdb/schema/schema_syntax.c @@ -30,6 +30,7 @@ #include "system/time.h" #include "../lib/util/charset/charset.h" #include "librpc/ndr/libndr.h" +#include "../lib/util/asn1.h" /** * Initialize dsdb_syntax_ctx with default values @@ -1303,6 +1304,44 @@ static WERROR dsdb_syntax_OID_ldb_to_drsuapi(const struct dsdb_syntax_ctx *ctx, return _dsdb_syntax_auto_OID_ldb_to_drsuapi(ctx, attr, in, mem_ctx, out); } +static WERROR _dsdb_syntax_OID_validate_numericoid(const struct dsdb_syntax_ctx *ctx, + const struct dsdb_attribute *attr, + const struct ldb_message_element *in) +{ + unsigned int i; + TALLOC_CTX *tmp_ctx; + + tmp_ctx = talloc_new(ctx->ldb); + W_ERROR_HAVE_NO_MEMORY(tmp_ctx); + + for (i=0; i < in->num_values; i++) { + DATA_BLOB blob; + const char *oid_out; + const char *oid = (const char*)in->values[i].data; + + if (!ber_write_OID_String(tmp_ctx, &blob, oid)) { + DEBUG(0,("ber_write_OID_String() failed for %s\n", oid)); + talloc_free(tmp_ctx); + return WERR_INVALID_PARAMETER; + } + + if (!ber_read_OID_String(tmp_ctx, blob, &oid_out)) { + DEBUG(0,("ber_read_OID_String() failed for %s\n", + hex_encode_talloc(tmp_ctx, blob.data, blob.length))); + talloc_free(tmp_ctx); + return WERR_INVALID_PARAMETER; + } + + if (strcmp(oid, oid_out) != 0) { + talloc_free(tmp_ctx); + return WERR_INVALID_PARAMETER; + } + } + + talloc_free(tmp_ctx); + return WERR_OK; +} + static WERROR dsdb_syntax_OID_validate_ldb(const struct dsdb_syntax_ctx *ctx, const struct dsdb_attribute *attr, const struct ldb_message_element *in) @@ -1316,14 +1355,19 @@ static WERROR dsdb_syntax_OID_validate_ldb(const struct dsdb_syntax_ctx *ctx, return WERR_FOOBAR; } + switch (attr->attributeID_id) { + case DRSUAPI_ATTRIBUTE_governsID: + case DRSUAPI_ATTRIBUTE_attributeID: + case DRSUAPI_ATTRIBUTE_attributeSyntax: + return _dsdb_syntax_OID_validate_numericoid(ctx, attr, in); + } + /* * TODO: optimize and verify this code */ tmp_ctx = talloc_new(ctx->ldb); - if (tmp_ctx == NULL) { - return WERR_NOMEM; - } + W_ERROR_HAVE_NO_MEMORY(tmp_ctx); status = dsdb_syntax_OID_ldb_to_drsuapi(ctx, attr, -- Samba Shared Repository