sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-08 21:18:16 +03:00
Code

lib/util: Add functions to escape log lines but not break all non-ascii

Browse Source 
We do not want to turn every non-ascii username into a pile of hex, so we instead focus
on avoding newline insertion attacks and other low control chars

Pair-programmed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Gary Lockyer 2017-03-01 11:10:29 +13:00 committed by Andrew Bartlett
parent 6adcaf1648
commit eacb5aead7
6 changed files with 251 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

90
lib/util/tests/util_str_escape.c Normal file
View File

@ -0,0 +1,90 @@
/*
util_str_escape testing
Copyright (C) Andrew Bartlett <abartlet@samba.org> 2017
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
#include "torture/torture.h"
#include "torture/local/proto.h"
#include "lib/util/util_str_escape.h"
static bool test_log_escape_empty_string(struct torture_context *tctx)
{
char *result = log_escape( tctx, "");
torture_assert_str_equal(tctx, result, "", "Empty string handling");
return true;
}
static bool test_log_escape_null_string(struct torture_context *tctx)
{
char *result = log_escape( tctx, NULL);
torture_assert(tctx, (result == NULL), "Empty string handling");
return true;
}
static bool test_log_escape_plain_string(struct torture_context *tctx)
{
const char *input = "a plain string with no escapable characters";
const char *expected = "a plain string with no escapable characters";
char *result = log_escape( tctx, input);
torture_assert_str_equal(tctx, result, expected,
"Plain string handling");
return true;
}
static bool test_log_escape_string(struct torture_context *tctx)
{
const char *input = "\a\b\f\n\r\t\v\\\x01";
const char *expected = "\\a\\b\\f\\n\\r\\t\\v\\\\\\x01";
char *result = log_escape( tctx, input);
torture_assert_str_equal(tctx, result, expected,
"Escapable characters in string");
return true;
}
static bool test_log_escape_hex_string(struct torture_context *tctx)
{
const char *input = "\x01\x1F ";
const char *expected = "\\x01\\x1F ";
char *result = log_escape( tctx, input);
torture_assert_str_equal(tctx, result, expected,
"hex escaping");
return true;
}
struct torture_suite *torture_local_util_str_escape(TALLOC_CTX *mem_ctx)
{
struct torture_suite *suite = torture_suite_create(mem_ctx,
"util_str_escape");
torture_suite_add_simple_test(suite, "log_escape_empty_string",
test_log_escape_empty_string);
torture_suite_add_simple_test(suite, "log_escape_null_string",
test_log_escape_null_string);
torture_suite_add_simple_test(suite, "log_escape_plain_string",
test_log_escape_plain_string);
torture_suite_add_simple_test(suite, "log_escape_string",
test_log_escape_string);
torture_suite_add_simple_test(suite, "log_escape_hex_string",
test_log_escape_hex_string);
return suite;
}

126
lib/util/util_str_escape.c Normal file
View File

@ -0,0 +1,126 @@
/*
Samba string escaping routines
Copyright (C) Andrew Bartlett <abartlet@samba.org> 2017
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
#include "lib/util/util_str_escape.h"
/*
* Calculate the encoded length of a character for log_escape
*
*/
static size_t encoded_length(char c)
{
if (c != '\\' && c > 0x1F) {
return 1;
} else {
switch (c) {
case '\a':
case '\b':
case '\f':
case '\n':
case '\r':
case '\t':
case '\v':
case '\\':
return 2; /* C escape sequence */
default:
return 4; /* hex escape \xhh */
}
}
}
/*
* Escape any control characters in the inputs to prevent them from
* interfering with the log output.
*/
char *log_escape(TALLOC_CTX *frame, const char *in)
{
size_t size = 0; /* Space to allocate for the escaped data */
char *encoded = NULL; /* The encoded string */
const char *c;
char *e;
if (in == NULL) {
return NULL;
}
/* Calculate the size required for the escaped array */
c = in;
while (*c) {
size += encoded_length( *c);
c++;
}
size++;
encoded = talloc_array( frame, char, size);
if (encoded == NULL) {
DBG_ERR( "Out of memory allocating encoded string");
return NULL;
}
c = in;
e = encoded;
while (*c) {
if (*c != '\\' && *c > 0x1F) {
*e++ = *c++;
} else {
switch (*c) {
case '\a':
*e++ = '\\';
*e++ = 'a';
break;
case '\b':
*e++ = '\\';
*e++ = 'b';
break;
case '\f':
*e++ = '\\';
*e++ = 'f';
break;
case '\n':
*e++ = '\\';
*e++ = 'n';
break;
case '\r':
*e++ = '\\';
*e++ = 'r';
break;
case '\t':
*e++ = '\\';
*e++ = 't';
break;
case '\v':
*e++ = '\\';
*e++ = 'v';
break;
case '\\':
*e++ = '\\';
*e++ = '\\';
break;
default:
snprintf(e, 5, "\\x%02X", *c);
e += 4;
}
c++;
}
}
*e = '\0';
return encoded;
}

27
lib/util/util_str_escape.h Normal file
View File

@ -0,0 +1,27 @@
/*
Samba string escaping routines
Copyright (C) Andrew Bartlett <abartlet@samba.org> 2017
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef _SAMBA_UTIL_STR_ESCAPE_H
#define _SAMBA_UTIL_STR_ESCAPE_H
#include <talloc.h>
char *log_escape(TALLOC_CTX *frame, const char *in);
#endif

5
lib/util/wscript_build
View File

@ -204,3 +204,8 @@ else:
source='access.c',
deps='interfaces samba-util',
local_include=False)
bld.SAMBA_SUBSYSTEM('util_str_escape',
source='util_str_escape.c',
deps='talloc',
local_include=False)

1
source4/torture/local/local.c
View File

@ -74,6 +74,7 @@
torture_local_verif_trailer,
torture_local_nss,
torture_local_fsrvp,
torture_local_util_str_escape,
NULL
};

3
source4/torture/local/wscript_build
View File

@ -20,11 +20,12 @@ TORTURE_LOCAL_SOURCE = '''../../../lib/util/charset/tests/iconv.c
../../../lib/util/tests/strv.c
../../../lib/util/tests/strv_util.c
../../../lib/util/tests/util.c
../../../lib/util/tests/util_str_escape.c
verif_trailer.c
nss_tests.c
fsrvp_state.c'''
TORTURE_LOCAL_DEPS = 'RPC_NDR_ECHO TDR LIBCLI_SMB MESSAGING iconv POPT_CREDENTIALS TORTURE_AUTH TORTURE_UTIL TORTURE_NDR TORTURE_LIBCRYPTO share torture_registry PROVISION ldb samdb replace-test RPC_FSS_STATE'
TORTURE_LOCAL_DEPS = 'RPC_NDR_ECHO TDR LIBCLI_SMB MESSAGING iconv POPT_CREDENTIALS TORTURE_AUTH TORTURE_UTIL TORTURE_NDR TORTURE_LIBCRYPTO share torture_registry PROVISION ldb samdb replace-test RPC_FSS_STATE util_str_escape'
bld.SAMBA_MODULE('TORTURE_LOCAL',
source=TORTURE_LOCAL_SOURCE,