From: František Dvořák Date: Sat, 19 Oct 2013 17:12:31 +0000 (+0200) Subject: Check for forbidden characters in users and group identities. It's limited by the... X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=7cf6144b58dd66e611fb3bec94cb87a0c26a2801;p=dmlite-plugins-vfs-old.git Check for forbidden characters in users and group identities. It's limited by the file format used for storing the information. --- diff --git a/src/VfsAuthn.cpp b/src/VfsAuthn.cpp index a72356d..cddf1f3 100644 --- a/src/VfsAuthn.cpp +++ b/src/VfsAuthn.cpp @@ -89,6 +89,9 @@ void VfsAuthn::vfsNewGroup(const std::string& groupName) throw (DmException) { unsigned int gid; GroupInfo gi; + if (groupName.find_first_of("\t\n\r") != std::string::npos) + vfsThrow(DMLITE_SYSERR(EINVAL), "group name can't contain tabelators or newline characters"); + // new gid gid = this->nextGid_; while (this->gids_.find(gid) != this->gids_.end()) @@ -111,6 +114,9 @@ void VfsAuthn::vfsNewUser(const std::string& userName) throw (DmException) { unsigned int uid; UserInfo ui; + if (userName.find_first_of("\t\r\n") != std::string::npos) + vfsThrow(DMLITE_SYSERR(EINVAL), "user name can't contain tabelators or newline characters"); + // new uid uid = this->nextUid_; while (this->uids_.find(uid) != this->uids_.end())