sssd/0032-SECRETS-Return-a-nicer-error-message-on-request-with.patch

From 73ce539aa70f43ccd5302b3ef8a02ff028558b12 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Fri, 3 Feb 2017 14:33:47 +0100
Subject: [PATCH 32/97] SECRETS: Return a nicer error message on request with
 no PUT data
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

I managed to create this pathological situation with the tcurl tool
which didn't send any PUT data. The error in sssd-secrets was quite
strange (ENOMEM). This patch just adds a safeguard sooner so that we
return a graceful error.

Reviewed-by: Michal Židek <mzidek@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
---
 src/responder/secrets/local.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/responder/secrets/local.c b/src/responder/secrets/local.c
index 9dcdd9925e542499d3a962b4998103b07c26a5ab..26c97a2849febbf0ac482d526cf927bfc103b4f2 100644
--- a/src/responder/secrets/local.c
+++ b/src/responder/secrets/local.c
@@ -853,6 +853,12 @@ static struct tevent_req *local_secret_req(TALLOC_CTX *mem_ctx,
         break;
 
     case HTTP_PUT:
+        if (secreq->body.length == 0) {
+            DEBUG(SSSDBG_OP_FAILURE, "PUT with no data\n");
+            ret = EINVAL;
+            goto done;
+        }
+
         DEBUG(SSSDBG_TRACE_LIBS, "Processing HTTP PUT at [%s]\n", lc_req->path);
         if (body_is_json) {
             ret = sec_json_to_simple_secret(state, secreq->body.data,
-- 
2.12.2
Backport upstream patches for 1.15.3 pre-release required for building freeipa-4.5.x in rawhide 2017-04-04 14:22:39 +00:00			`From 73ce539aa70f43ccd5302b3ef8a02ff028558b12 Mon Sep 17 00:00:00 2001`
			`From: Jakub Hrozek <jhrozek@redhat.com>`
			`Date: Fri, 3 Feb 2017 14:33:47 +0100`
			`Subject: [PATCH 32/97] SECRETS: Return a nicer error message on request with`
			`no PUT data`
			`MIME-Version: 1.0`
			`Content-Type: text/plain; charset=UTF-8`
			`Content-Transfer-Encoding: 8bit`

			`I managed to create this pathological situation with the tcurl tool`
			`which didn't send any PUT data. The error in sssd-secrets was quite`
			`strange (ENOMEM). This patch just adds a safeguard sooner so that we`
			`return a graceful error.`

			`Reviewed-by: Michal Židek <mzidek@redhat.com>`
			`Reviewed-by: Simo Sorce <simo@redhat.com>`
			`---`
			`src/responder/secrets/local.c \| 6 ++++++`
			`1 file changed, 6 insertions(+)`

			`diff --git a/src/responder/secrets/local.c b/src/responder/secrets/local.c`
			`index 9dcdd9925e542499d3a962b4998103b07c26a5ab..26c97a2849febbf0ac482d526cf927bfc103b4f2 100644`
			`--- a/src/responder/secrets/local.c`
			`+++ b/src/responder/secrets/local.c`
			`@@ -853,6 +853,12 @@ static struct tevent_req local_secret_req(TALLOC_CTX mem_ctx,`
			`break;`

			`case HTTP_PUT:`
			`+ if (secreq->body.length == 0) {`
			`+ DEBUG(SSSDBG_OP_FAILURE, "PUT with no data\n");`
			`+ ret = EINVAL;`
			`+ goto done;`
			`+ }`
			`+`
			`DEBUG(SSSDBG_TRACE_LIBS, "Processing HTTP PUT at [%s]\n", lc_req->path);`
			`if (body_is_json) {`
			`ret = sec_json_to_simple_secret(state, secreq->body.data,`
			`--`
			`2.12.2`