Univention Bugzilla – Full Text Bug Listing |
Summary: | broken ldap filters in printer.py and printergroup.py causes no validation when changing quota settings | ||
---|---|---|---|
Product: | UCS | Reporter: | Florian Best <best> |
Component: | UMC - Printers | Assignee: | Florian Best <best> |
Status: | CLOSED FIXED | QA Contact: | Johannes Keiser <keiser> |
Severity: | normal | ||
Priority: | P5 | CC: | wiegand |
Version: | UCS 4.1 | Flags: | best:
Patch_Available+
|
Target Milestone: | UCS 4.2-1-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
See Also: | https://forge.univention.org/bugzilla/show_bug.cgi?id=29707 | ||
What kind of report is it?: | Bug Report | What type of bug is this?: | 3: Simply Wrong: The implementation doesn't match the docu |
Who will be affected by this bug?: | 3: Will affect average number of installed domains | How will those affected feel about the bug?: | 2: A Pain – users won’t like this once they notice it |
User Pain: | 0.103 | Enterprise Customer affected?: | |
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | Cleanup, Error handling, Troubleshooting | |
Max CVSS v3 score: | |||
Attachments: | patch |
Created attachment 7501 [details]
patch
Patch (did not test it live but should work fine :))
*** Bug 7430 has been marked as a duplicate of this bug. *** Rebased patch has been applied. Some changes like the escaping were already done. Some typos have been fixed which would cause tracebacks. Now when trying to remove a printer which is part of a printer group with no other members an error message is shown and vice versa. The detection for multiple spool hosts is also working, which is needed since Bug #29707. univention-directory-manager-modules (12.0.17-88): r81136 | Bug #40765: fix validation of modifying/removing of printers / printer groups univention-directory-manager-modules.yaml: r81137 | YAML Bug #40765 OK Deleting a printer with multiple spoolhosts from printergroup with only one member shows error YAML: OK -> verified |
univention/admin/handlers/shares/printer.py: 328 » » » printergroups=self.lo.searchDn(filter='(&(objectClass=univentionPrinterGroup)(univentionPrinterQuotaSupport=1)(univentionPrinterSpoolHost=%s))' % self.info['spoolHost']) >>> filter='(&(objectClass=univentionPrinterGroup)(univentionPrinterQuotaSupport=1)(univentionPrinterSpoolHost=%s))' % self.info['spoolHost'] >>> filter "(&(objectClass=univentionPrinterGroup)(univentionPrinterQuotaSupport=1)(univentionPrinterSpoolHost=['master90.ucs.test']))" → Broken LDAP filter! 1. Filter is broken as it contains the python representation of a list 2. Filter is broken because a multivalue field is used to create one filter 3. There is no escaping of invalid characters leading to ldap search filter injections. Broken in printer.py: _ldap_pre_modify, _ldap_pre_remove Broken in printergroup.py: _ldap_modlist, _ldap_pre_remove, isValidPrinterObject