Logged In: YES
user_id=40297
Browser: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)
I downloaded mod_auth_samba-1.1.tar.gz earlier this
year (2000-02-11), but could not get group
authentication to work. After delving into the source
I discovered that the strcpy call was copying from the
wrong offset and that the code expects all groups to
have leading and trailing spaces (including the first
and last one). I think that there was also the
potential for a buffer overflow due to code being told
that a buffer was one byte bigger than it actually was.
Hopefully these can be fixed in 1.2.
I did a quick and dirty patch to the code so that it
seems to work for me. The changes were:
diff mod_auth_samba.c mod_auth_samba.c.orig
14d13
< #include <unistd.h>
300,301c299
< /* datum package = { user , ( strlen( user ) + 1 )
* sizeof( char ) }; */
< datum package = { user , ( strlen( user ) ) *
sizeof( char ) };
---
> datum package = { user , ( strlen( user ) + 1 ) *
sizeof( char ) };
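Review bot: the new initializer (the `<` side, since the diff was taken as patched file against .orig) drops the terminating NUL from the key length, so lookups will only match records whose keys were stored without it. Add a comment stating which form the tool that builds the group database writes, and delete the commented-out old initializer rather than leaving it above the new one.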
324,327c322,323
< full_list[0] = ' ';
< strncpy( full_list+1 , results.dptr , len );
< full_list[ len + 1 ] = ' ';
< full_list[ len + 2 ] = '\0';
---
> strncpy( full_list , results.dptr , len );
> full_list[ len ] = '\0';
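Review bot: the patched side writes up to index `len + 2`, so `full_list` has to hold at least `len + 3` bytes, and its allocation is not part of this hunk. If the buffer is still sized for the original `len + 1` bytes, the added trailing space and the NUL land past its end. Include the allocation change in the patch so the size and the writes can be checked together.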
regards
johng
Logged In: YES
user_id=14312
Browser: Mozilla/4.72 [en] (X11; I; Linux 2.2.17 i586)
As for the risk of buffer overflow, it's something that I
didn't pay too much attention to, since the group database is
something that is created by the admin's own tools, so they are
not vulnerable to users' attributes and such.
Still, I have to admit it's not beautiful, and for that reason
I probably should rewrite the group-related parts of the
code so that we would have a comma-separated group list or
something, and also provide some small tool to work as a
converter from old ndbm to new ndbm (or, if I got
really energetic, Berkeley DB) with the new format.
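The space-padded group match described in the first comment, with the buffer accounting made explicit, as an added example that is not mod_auth_samba's code. `struct record`, `pad_group_list` and `in_group` are hypothetical names, and the sample record is constructed.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for an ndbm datum: dptr is not NUL-terminated. */
struct record { const char *dptr; size_t dsize; };

/* Build " g1 g2 " in out so that every group, first and last included, has a
 * space on both sides. Needs dsize + 3 bytes: two spaces plus the NUL.
 * Returns 0 on success, -1 (out untouched) if the record does not fit. */
static int pad_group_list(struct record rec, char *out, size_t outsz)
{
    if (rec.dptr == NULL)
        return -1;
    /* Assumption: some writers store the trailing NUL in the value; drop it. */
    while (rec.dsize > 0 && rec.dptr[rec.dsize - 1] == '\0')
        rec.dsize--;
    if (outsz < 3 || rec.dsize > outsz - 3)
        return -1;
    out[0] = ' ';
    memcpy(out + 1, rec.dptr, rec.dsize);
    out[rec.dsize + 1] = ' ';
    out[rec.dsize + 2] = '\0';
    return 0;
}

/* 1 if group is a whole token of the padded list, 0 otherwise. */
static int in_group(const char *padded, const char *group)
{
    char needle[64];
    size_t glen = strlen(group);

    /* Reject empty names, names containing a space, and names too long. */
    if (glen == 0 || glen > sizeof(needle) - 3 || strchr(group, ' '))
        return 0;
    needle[0] = ' ';
    memcpy(needle + 1, group, glen);
    needle[glen + 1] = ' ';
    needle[glen + 2] = '\0';
    return strstr(padded, needle) != NULL;
}

int main(void)
{
    struct record rec = { "staff admins", 12 };   /* constructed sample */
    char list[64];

    if (pad_group_list(rec, list, sizeof(list)) != 0)
        return 1;
    printf("staff=%d admin=%d\n", in_group(list, "staff"), in_group(list, "admin"));
    return 0;
}
```

Matching on `" name "` rather than the bare name is what keeps `admin` from matching inside `admins`, which is why the first and last entries need their padding too.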