Skip to content
Browse files

force usernames to be alpha numeric chars and dashes

  • Loading branch information...
1 parent c047dca commit 402c7033d50be4b8faa430002f42ebf894539a6d @mrash committed Oct 12, 2012
Showing with 10 additions and 0 deletions.
  1. +10 −0 lib/fko_user.c
View
10 lib/fko_user.c
@@ -41,6 +41,7 @@ int
fko_set_username(fko_ctx_t ctx, const char *spoof_user)
{
char *username = NULL;
+ int i;
/* Must be initialized
*/
@@ -87,6 +88,15 @@ fko_set_username(fko_ctx_t ctx, const char *spoof_user)
if(strnlen(username, MAX_SPA_USERNAME_SIZE) == MAX_SPA_USERNAME_SIZE)
*(username + MAX_SPA_USERNAME_SIZE - 1) = '\0';
+ /* Make sure it is just alpha-numeric chars and dashes
+ */
+ if(isalnum(username[0]) == 0)
+ return(FKO_ERROR_INVALID_DATA);
+
+ for (i=1; i < strnlen(username, MAX_SPA_USERNAME_SIZE); i++)
+ if((isalnum(username[i]) == 0) && username[i] != '-')
+ return(FKO_ERROR_INVALID_DATA);
+
/* Just in case this is a subsquent call to this function. We
* do not want to be leaking memory.
*/

0 comments on commit 402c703

Please sign in to comment.
Something went wrong with that request. Please try again.