From ff79469c8eec5e82d0914b724e0721ac1fd266ca Mon Sep 17 00:00:00 2001 From: David Coutadeur Date: Tue, 20 Aug 2019 15:38:43 +0200 Subject: [PATCH] fix openldap crash when checkRDN=1 and username contains dash #16 --- ppm.c | 21 +++++++++++++-------- unit_tests.sh | 1 + 2 files changed, 14 insertions(+), 8 deletions(-) diff --git a/ppm.c b/ppm.c index 953dabf..55acc62 100644 --- a/ppm.c +++ b/ppm.c @@ -298,23 +298,28 @@ containsRDN(char* passwd, char* DN) { if (strlen(token) > 2) { + ppm_log(LOG_NOTICE, "ppm: Checking if %s part of RDN matches the password", token); // Compile regular expression reti = regcomp(®ex, token, REG_ICASE); if (reti) { ppm_log(LOG_ERR, "ppm: Cannot compile regex: %s", token); exit(EXIT_FAILURE); } - } - // Execute regular expression - reti = regexec(®ex, passwd, 0, NULL, 0); - if (!reti) - { + // Execute regular expression + reti = regexec(®ex, passwd, 0, NULL, 0); + if (!reti) + { + regfree(®ex); + return 1; + } + regfree(®ex); - return 1; } - - regfree(®ex); + else + { + ppm_log(LOG_NOTICE, "ppm: %s part of RDN is too short to be checked", token); + } token = strtok(NULL, TOKENS_DELIMITERS); } diff --git a/unit_tests.sh b/unit_tests.sh index a7fc8b5..a5c0e49 100755 --- a/unit_tests.sh +++ b/unit_tests.sh @@ -109,6 +109,7 @@ launch_test "ppm2.conf" "uid=test,ou=users,dc=my-domain,dc=com" "AAaaaBBBBaaa01A # password in RDN launch_test "ppm3.conf" "uid=User_Password10-test,ou=users,dc=my-domain,dc=com" "Password10" "FAIL" launch_test "ppm3.conf" "uid=User_Passw0rd-test,ou=users,dc=my-domain,dc=com" "Password10" "PASS" +launch_test "ppm3.conf" "uid=User-Pw-Test,ou=users,dc=my-domain,dc=com" "Password10" "PASS" echo "${RESULT} error(s) encountered"