Bug 42262 - Improve LDAP search filter for libunivention-license
Status: CLOSED DUPLICATE of bug 35157
Product: UCS
Classification: Unclassified
Component: License
Version: UCS 3.2
Hardware: Other Linux
Importance: P5 normal (vote)
Target Milestone: ---
Assigned To: Felix Botner
QA Contact: Florian Best
Depends on:
Blocks:
Reported: 2016-09-05 17:16 CEST by Michel Smidt
Modified: 2017-06-19 10:55 CEST (History)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 2: Improvement: Would be a product improvement
Who will be affected by this bug?: 1: Will affect a very few installed domains
How will those affected feel about the bug?: 4: A User would return the product
User Pain: 0.046
Enterprise Customer affected?: Yes
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:
michelsmidt: Patch_Available+


Attachments
Log (53.50 KB, text/plain)
2016-09-05 17:16 CEST, Michel Smidt
Patch (1.10 KB, patch)
2016-09-05 17:16 CEST, Michel Smidt

Description Michel Smidt 2016-09-05 17:16:12 CEST
Created attachment 7979 (Log)

The ldapsearch from the current licence check in libunivention-license seems to be too extensive. For a project where we implemented restrictive ACLs, the licence check runs into limits.

Attached an anonymised log and a patch.
Comment 1 Michel Smidt 2016-09-05 17:16:44 CEST
Created attachment 7980 (Patch)
Comment 2 Florian Best univentionstaff 2016-09-07 13:14:28 CEST
Note: The LDAP filter is not escaped and allows arbitrary search filter injection, e.g.:
univention.license.select(')(objectClass=*')
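The injection in the comment above, worked through as an added example that is not part of the bug report, the attached patch or Univention's code. The filter template `(&(objectClass=univentionLicense)(cn=%s))` and the `build_filter` helper are assumptions for illustration only; the real filter used by libunivention-license is in the attached log, not reproduced here. The block contains a small RFC 4515 filter parser so that the structural effect of an unescaped value can be checked rather than eyeballed: the unescaped build turns one equality assertion into three, one of them a presence test the caller never wrote, while the escaped build keeps a single `cn` equality whose value is the literal string.

```python
"""Added example: LDAP search filter injection and RFC 4515 escaping.

Not Univention's code. The filter template below is an assumed shape used
only to illustrate the problem described in the bug comment.
"""

# RFC 4515 section 3: these characters must be encoded as backslash + two
# hex digits inside an assertion value. One pass over the string, so the
# backslash itself is never double-escaped.
_ESCAPES = {"\\": "\\5c", "*": "\\2a", "(": "\\28", ")": "\\29", "\x00": "\\00"}


def escape_filter_value(value):
    """Escape a string for use as an assertion value in a search filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


# Assumed template, not the real libunivention-license filter.
TEMPLATE = "(&(objectClass=univentionLicense)(cn=%s))"


def build_filter(license_name, escape=True):
    """Build the search filter; escape=False reproduces the unescaped bug."""
    value = escape_filter_value(license_name) if escape else license_name
    return TEMPLATE % value


def parse_filter(text):
    """Parse an RFC 4515 filter into a tuple tree.

    Nodes: ('and', [..]), ('or', [..]), ('not', sub),
           ('eq'|'present'|'substr', attr, value).
    Raises ValueError on malformed input or data after the closing paren.
    """
    tree, pos = _parse_at(text, 0)
    if pos != len(text):
        raise ValueError("trailing data after filter: %r" % text[pos:])
    return tree


def _parse_at(text, pos):
    if pos >= len(text) or text[pos] != "(":
        raise ValueError("expected '(' at offset %d" % pos)
    pos += 1
    if pos >= len(text):
        raise ValueError("unterminated filter")
    if text[pos] in "&|":
        op = "and" if text[pos] == "&" else "or"
        pos += 1
        subs = []
        while pos < len(text) and text[pos] == "(":
            sub, pos = _parse_at(text, pos)
            subs.append(sub)
        if pos >= len(text) or text[pos] != ")":
            raise ValueError("expected ')' closing %s at offset %d" % (op, pos))
        return (op, subs), pos + 1
    if text[pos] == "!":
        sub, pos = _parse_at(text, pos + 1)
        if pos >= len(text) or text[pos] != ")":
            raise ValueError("expected ')' closing not at offset %d" % pos)
        return ("not", sub), pos + 1
    # Simple item: attr=value up to the next literal ')'. An escaped value
    # contains no literal ')' so it cannot end the item early.
    end = text.find(")", pos)
    if end < 0:
        raise ValueError("unterminated item at offset %d" % pos)
    attr, sep, value = text[pos:end].partition("=")
    if not sep or not attr:
        raise ValueError("malformed item %r" % text[pos:end])
    if value == "*":
        kind = "present"
    elif "*" in value:
        kind = "substr"
    else:
        kind = "eq"
    return (kind, attr, value), end + 1


def leaf_assertions(tree):
    """Flatten a parsed filter into its list of leaf assertions."""
    if tree[0] in ("and", "or"):
        return [leaf for sub in tree[1] for leaf in leaf_assertions(sub)]
    if tree[0] == "not":
        return leaf_assertions(tree[1])
    return [tree]


if __name__ == "__main__":
    # The payload from the bug comment, and the classic wildcard.
    for payload in (")(objectClass=*", "*"):
        for escape in (False, True):
            flt = build_filter(payload, escape=escape)
            print("escape=%-5s %s" % (escape, flt))
            print("            ->", leaf_assertions(parse_filter(flt)))
```

With python-ldap the same escaping is available as `ldap.filter.escape_filter_chars`; the point of the hand-written version is only that the effect can be checked offline. Note that the injected form of the comment's payload is still a well-formed filter (`(cn=)` is a legal equality with an empty value), so the server will not reject it; only escaping at the point where the value enters the filter prevents the extra `(objectClass=*)` component from appearing.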
Comment 3 Florian Best univentionstaff 2017-01-05 15:04:29 CET
This has been fixed during Bug #35157 in UCS 4.1-4.
@Michel, or do you need to have this for UCS 3.3?

*** This bug has been marked as a duplicate of bug 35157 ***
Comment 4 Florian Best univentionstaff 2017-01-09 15:41:30 CET
@Michel, reopen if you need this for UCS 3.3

<http://errata.software-univention.de/ucs/4.1/352.html>