Fix Bug #1175: bareos crashes with invalid character in ACL#410
Merged
arogge merged 4 commits intobareos:masterfrom Feb 11, 2020
Merged
Fix Bug #1175: bareos crashes with invalid character in ACL#410arogge merged 4 commits intobareos:masterfrom
arogge merged 4 commits intobareos:masterfrom
Conversation
franku
reviewed
Feb 7, 2020
| @@ -0,0 +1,24 @@ | |||
| #!/bin/sh | |||
| # | |||
| # Run a simple backup | |||
Contributor
There was a problem hiding this comment.
A comment could help to understand that the config does not crash the director because of the invalid ACL Syntax.
Contributor
There was a problem hiding this comment.
The unittest looks reasonable.
franku
reviewed
Feb 7, 2020
|
|
||
| TEST(acl_entry_syntax_test, acl_entry_syntax_test) | ||
| { | ||
| std::vector<char> msg{}; |
Contributor
There was a problem hiding this comment.
Suggested change
| std::vector<char> msg{}; | |
| std::vector<char> msg; |
7a77f17 to
3b65c5d
Compare
Bug bareos#1175 - bareos crashes with invalid character in ACL When a profile configuration contains an entry that is detected as invalid, the director crashes. This test reproduces this problem.
Previously Mmsg() would only write into a POOLMEM or PoolMem. This patch adds another overload that allows Mmsg() to write to a std::vector<char> and to automatically resize that vector as needed.
Fixes bareos#1175: bareos crashes with invalid character in ACL Previously IsAclEntryValid() took a char* as a parameter that was expected to be a POOLMEM (and would have been resized when an error occured). This char* has been replaced by a std::vector<char>& and the new overload for Mmsg() is now used to format a message.
Bug bareos#1175: bareos crashes with invalid character in ACL The newly introduced IsAclEntryValid() allowed only "!*.:_-'/" as chars in an ACL. As regular expressions are possible in ACLs this list did not allow some previously valid ACLs to be configured. This patch extends the list to allow "!()[]|+?*.:_-'/" which will allow most syntaxes. We do not add "{}," intentionally, because this would re-allow the wrong ACL syntaxes that the original change tried to catch (i.e. adding a string with comma-separated resource names instead of a list of resource names).
3b65c5d to
1449105
Compare
15 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bareos crashed when an invalid ACL syntax was detected. This patch adds a systemtest to check for this behaviour and a fix for the problem.