** Description changed:
- [placeholder for https://warthogs.atlassian.net/browse/UDENG-4314]
+ [ Impact ]
+
+ In this code, the string was not zero terminated properly when
+ overwritten resulting in extra characters:
+
+ static char *slash_to_at_username(const char *username) {
+ char *backslash = strchr(username, '\\');
+ if (backslash != NULL) {
+ char *ret = malloc((strlen(username) + 1) * sizeof(char));
+ strcpy(ret, backslash + 1);
+ strcat(ret, "@");
+ strncpy(ret + strlen(ret), username, backslash - username);
+ return ret;
+ }
+ return strdup(username);
+
+ For instance:
+ domain.tld\\user was changed to user@domain.tldld
+
+ So se user cannot login with the domain\user format
+
+ [ Test Plan ]
+
+ 1. On a machine joined to an AD domain with ADsys installed, login with
+ domain\user
+
+ => Without the patch the user cannot log in
+ => With the patch the user can log in
+
+
+ [ Where problems could occur ]
+
+ Worst case the user still cannot log in
** Also affects: adsys (Ubuntu Noble)
Importance: Undecided
Status: New
** Also affects: adsys (Ubuntu Jammy)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2078247
Title:
rewrite from / to @ formats overwrites usernames
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/2078247/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
