Public bug reported:

Introducing valid usernames with trailing newline characters triggers the removal of valid LDB cache entries.

Reproducer:

1. Request a valid user and confirm it's cached:

ubuntu@ubuntu:~⟫ sudo sss_cache -E; getent passwd 'ad1'
ad1:*:1500:1500:ad1:/home/ad:/bin/bash
ubuntu@ubuntu:~⟫ sudo ldbsearch -H /var/lib/sss/db/cache_UBUNTU.TEST.ldb -b name=ad1,cn=users,cn=UBUNTU.TEST,cn=sysdb | grep entries
asq: Unable to register control with rootdse!
# 1 entries

2. Request an invalid username (the name carries a literal trailing newline inside the quotes):

ubuntu@ubuntu:~⟫ sudo sss_cache -E; getent passwd 'ad1
'

3. Confirm the cache entry has disappeared:

ubuntu@ubuntu:~⟫ sudo ldbsearch -H /var/lib/sss/db/cache_UBUNTU.TEST.ldb -b name=ad1,cn=users,cn=UBUNTU.TEST,cn=sysdb | grep entries
asq: Unable to register control with rootdse!
# 0 entries

This is an excerpt from the logs of the request with the newline char:

(Tue Feb 28 16:07:40 2017) [sssd[be[UBUNTU.TEST]]] [be_get_account_info] (0x0200): Got request for [0x1001][FAST BE_REQ_USER][1][name=ad1
]
(Tue Feb 28 16:08:33 2017) [sssd[be[UBUNTU.TEST]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(sAMAccountName=ad1
)(objectclass=user)(sAMAccountName=*)(&(uidNumber=*)(!(uidNumber=0))))][CN=Users,DC=ubuntu,DC=test].
(Tue Feb 28 16:08:33 2017) [sssd[be[UBUNTU.TEST]]] [sdap_get_users_done] (0x0040): Failed to retrieve users
(Tue Feb 28 16:08:33 2017) [sssd[nss]] [sss_ncache_set_str] (0x0400): Adding [NCE/USER/UBUNTU.TEST/ad1
] to negative cache
(Tue Feb 28 16:08:33 2017) [sssd[nss]] [nss_cmd_getpwnam_search] (0x0040): No results for getpwnam call

At this point, the ldb entry removal request for ad1 (without \n) takes place via sysdb_delete_user.

Adding '\n' to the character list in sss_filter_sanitize_ex() seems to fix this issue.

Upstream bug: https://pagure.io/SSSD/sssd/issue/3317

** Affects: sssd (Ubuntu)
     Importance: Medium
     Assignee: Victor Tapia (vtapia)
         Status: New

** Tags: sts

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1669712

Title:
  Newline characters (\n) must be sanitized before LDAP requests take place.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1669712/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
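Added example, not SSSD's own sss_filter_sanitize_ex(): a C filter-value sanitizer in the spirit of the fix the report proposes, hex-escaping the RFC 4515 filter metacharacters plus CR and LF so that the trailing newline in "ad1\n" reaches the server as the escaped value "ad1\0a" rather than breaking the filter across two lines as the logged ldap_search_ext call shows. The build_user_filter helper and its two-clause filter shape are assumptions modeled on the logged search, not SSSD's filter builder.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Bytes that must be hex-escaped inside an LDAP filter value (RFC 4515:
 * '*', '(', ')', '\'), plus CR and LF: a raw newline in the value splits
 * the filter onto a second line, which is what the report's failed
 * ldap_search_ext call shows. Stand-alone illustration, not SSSD's
 * sss_filter_sanitize_ex(). */
static int needs_escape(unsigned char c)
{
    return c == '*' || c == '(' || c == ')' || c == '\\' ||
           c == '\n' || c == '\r';
}

/* Returns a newly allocated escaped copy of `in` ("\n" -> "\0a"); caller frees. */
char *filter_sanitize(const char *in)
{
    size_t len = strlen(in);
    char *out = malloc(len * 3 + 1);   /* worst case: every byte becomes \XX */
    if (out == NULL) return NULL;

    size_t j = 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char) in[i];
        if (needs_escape(c)) {
            j += (size_t) sprintf(out + j, "\\%02x", c);
        } else {
            out[j++] = (char) c;
        }
    }
    out[j] = '\0';
    return out;
}

/* Assumed helper: builds a user-lookup filter around the sanitized name,
 * shaped after the search logged in the report. Caller frees the result. */
char *build_user_filter(const char *raw_name)
{
    char *safe = filter_sanitize(raw_name);
    if (safe == NULL) return NULL;
    const char *fmt = "(&(sAMAccountName=%s)(objectclass=user))";
    size_t n = strlen(fmt) + strlen(safe) + 1;
    char *filter = malloc(n);
    if (filter != NULL) snprintf(filter, n, fmt, safe);
    free(safe);
    return filter;
}
```

With the sanitizer in place the server receives a well-formed single-line filter that simply matches no account, so the request fails as a normal "no such user" rather than as a malformed search.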