From: František Dvořák Date: Sat, 19 Oct 2013 19:17:29 +0000 (+0200) Subject: Check for forbidden characters in users and group identities. It's limited by the... X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=28329c1475c285b0157735c8ff96558575993082;p=dmlite-plugins-vfs.git Check for forbidden characters in users and group identities. It's limited by the file format used for storing the information. --- diff --git a/src/VfsAuthn.cpp b/src/VfsAuthn.cpp index 3d65e0a..498b925 100644 --- a/src/VfsAuthn.cpp +++ b/src/VfsAuthn.cpp @@ -91,6 +91,9 @@ void VfsAuthn::vfsNewGroup(const std::string& groupName) throw (DmException) { unsigned int gid; GroupInfo gi; + if (groupName.find_first_of("\t\n\r") != std::string::npos) + vfsThrow(DMLITE_SYSERR(EINVAL), "group name can't contain tabelators or newline characters"); + // new gid gid = this->nextGid_; while (this->gids_.find(gid) != this->gids_.end()) @@ -113,6 +116,9 @@ void VfsAuthn::vfsNewUser(const std::string& userName) throw (DmException) { unsigned int uid; UserInfo ui; + if (userName.find_first_of("\t\r\n") != std::string::npos) + vfsThrow(DMLITE_SYSERR(EINVAL), "user name can't contain tabelators or newline characters"); + // new uid uid = this->nextUid_; while (this->uids_.find(uid) != this->uids_.end())