2024-08-28 16:23:13 |
Jean-Baptiste Lallement |
bug |
|
|
added bug |
2024-08-28 16:23:51 |
Jean-Baptiste Lallement |
summary |
username overwritten during rewrite from / to @ |
rewrite from / to @ formats overwrites usernames |
|
2024-09-02 15:47:51 |
Launchpad Janitor |
adsys (Ubuntu): status |
New |
Fix Released |
|
2024-09-06 08:10:13 |
Jean-Baptiste Lallement |
description |
[placeholder for https://warthogs.atlassian.net/browse/UDENG-4314] |
[ Impact ]
In this code, the string was not zero terminated properly when overwritten resulting in extra characters:
static char *slash_to_at_username(const char *username) {
char *backslash = strchr(username, '\\');
if (backslash != NULL) {
char *ret = malloc((strlen(username) + 1) * sizeof(char));
strcpy(ret, backslash + 1);
strcat(ret, "@");
strncpy(ret + strlen(ret), username, backslash - username);
return ret;
}
return strdup(username);
For instance:
domain.tld\\user was changed to user@domain.tldld
So se user cannot login with the domain\user format
[ Test Plan ]
1. On a machine joined to an AD domain with ADsys installed, login with domain\user
=> Without the patch the user cannot log in
=> With the patch the user can log in
[ Where problems could occur ]
Worst case the user still cannot log in |
|
2024-09-06 08:10:21 |
Jean-Baptiste Lallement |
nominated for series |
|
Ubuntu Noble |
|
2024-09-06 08:10:21 |
Jean-Baptiste Lallement |
bug task added |
|
adsys (Ubuntu Noble) |
|
2024-09-06 08:10:21 |
Jean-Baptiste Lallement |
nominated for series |
|
Ubuntu Jammy |
|
2024-09-06 08:10:21 |
Jean-Baptiste Lallement |
bug task added |
|
adsys (Ubuntu Jammy) |
|
2024-09-06 12:24:06 |
Jean-Baptiste Lallement |
description |
[ Impact ]
In this code, the string was not zero terminated properly when overwritten resulting in extra characters:
static char *slash_to_at_username(const char *username) {
char *backslash = strchr(username, '\\');
if (backslash != NULL) {
char *ret = malloc((strlen(username) + 1) * sizeof(char));
strcpy(ret, backslash + 1);
strcat(ret, "@");
strncpy(ret + strlen(ret), username, backslash - username);
return ret;
}
return strdup(username);
For instance:
domain.tld\\user was changed to user@domain.tldld
So se user cannot login with the domain\user format
[ Test Plan ]
1. On a machine joined to an AD domain with ADsys installed, login with domain\user
=> Without the patch the user cannot log in
=> With the patch the user can log in
[ Where problems could occur ]
Worst case the user still cannot log in |
tracking bug https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/2078245
[ Impact ]
In this code, the string was not zero terminated properly when overwritten resulting in extra characters:
static char *slash_to_at_username(const char *username) {
char *backslash = strchr(username, '\\');
if (backslash != NULL) {
char *ret = malloc((strlen(username) + 1) * sizeof(char));
strcpy(ret, backslash + 1);
strcat(ret, "@");
strncpy(ret + strlen(ret), username, backslash - username);
return ret;
}
return strdup(username);
For instance:
domain.tld\\user was changed to user@domain.tldld
So se user cannot login with the domain\user format
[ Test Plan ]
1. On a machine joined to an AD domain with ADsys installed, login with domain\user
=> Without the patch the user cannot log in
=> With the patch the user can log in
[ Where problems could occur ]
Worst case the user still cannot log in |
|
2024-09-17 14:13:20 |
Łukasz Zemczak |
adsys (Ubuntu Noble): status |
New |
Fix Committed |
|
2024-09-17 14:13:22 |
Łukasz Zemczak |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2024-09-17 14:13:25 |
Łukasz Zemczak |
bug |
|
|
added subscriber SRU Verification |
2024-09-17 14:13:28 |
Łukasz Zemczak |
tags |
|
verification-needed verification-needed-noble |
|
2024-09-17 14:15:08 |
Łukasz Zemczak |
adsys (Ubuntu Jammy): status |
New |
Fix Committed |
|
2024-09-17 14:15:12 |
Łukasz Zemczak |
tags |
verification-needed verification-needed-noble |
verification-needed verification-needed-jammy verification-needed-noble |
|
2024-09-20 14:36:57 |
Denison Barbosa |
tags |
verification-needed verification-needed-jammy verification-needed-noble |
verification-done verification-done-jammy verification-done-noble |
|
2024-09-26 16:33:50 |
Andreas Hasenack |
tags |
verification-done verification-done-jammy verification-done-noble |
verification-done verification-needed-jammy verification-needed-noble |
|
2024-09-26 18:00:48 |
Denison Barbosa |
tags |
verification-done verification-needed-jammy verification-needed-noble |
verification-done verification-done-jammy verification-done-noble |
|
2024-09-26 20:09:45 |
Launchpad Janitor |
adsys (Ubuntu Noble): status |
Fix Committed |
Fix Released |
|
2024-09-26 20:10:05 |
Andreas Hasenack |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
2024-09-26 20:11:02 |
Launchpad Janitor |
adsys (Ubuntu Jammy): status |
Fix Committed |
Fix Released |
|