Validate user name for CIFS

Providing comma (,) in username can lead to inject some unappropriate mount options. In opposite to password, username is not escaped by kernel driver so we have to disallow such entries. Tested: Manually mounting CIFS share with comma Change-Id: I20ff5089d04f07d7e6aa3190fe83babdd7acfe96 Signed-off-by: Czarnowski, Przemyslaw <przemyslaw.hawrylewicz.czarnowski@intel.com>
author: Czarnowski, Przemyslaw <przemyslaw.hawrylewicz.czarnowski@intel.com> 2021-05-11 13:37:46 +0300
committer: Czarnowski, Przemyslaw <przemyslaw.hawrylewicz.czarnowski@intel.com> 2021-05-20 19:11:09 +0300
commit: ebf1d1e6045b066431c78a44e250e051ac0361ed (patch)
tree: 38c420f2ce7deace4405426b60078a7527f7b43c /src/utils.hpp
parent: 0315081e9ea897772f3db6946364a2018a27d649 (diff)
download: virtual-media-ebf1d1e6045b066431c78a44e250e051ac0361ed.tar.xz
1 files changed, 2 insertions, 3 deletions
diff --git a/src/utils.hpp b/src/utils.hpp
index ebbdaf6..fd2e320 100644
--- a/src/utils.hpp
+++ b/src/utils.hpp
@@ -1,13 +1,13 @@
 #pragma once
 
+#include <algorithm>
 #include <boost/process/async_pipe.hpp>
 #include <boost/type_traits/has_dereference.hpp>
-#include <cstring>
 #include <filesystem>
-#include <fstream>
 #include <memory>
 #include <sdbusplus/asio/object_server.hpp>
 #include <string>
+#include <vector>
 
 namespace fs = std::filesystem;
 
@@ -50,7 +50,6 @@ class Credentials
     {
         if (!commasEscaped)
         {
-            escapeComma(userBuf);
             escapeComma(passBuf);
             commasEscaped = true;
         }
author	Czarnowski, Przemyslaw <przemyslaw.hawrylewicz.czarnowski@intel.com>	2021-05-11 13:37:46 +0300
committer	Czarnowski, Przemyslaw <przemyslaw.hawrylewicz.czarnowski@intel.com>	2021-05-20 19:11:09 +0300
commit	ebf1d1e6045b066431c78a44e250e051ac0361ed (patch)
tree	38c420f2ce7deace4405426b60078a7527f7b43c /src/utils.hpp
parent	0315081e9ea897772f3db6946364a2018a27d649 (diff)
download	virtual-media-ebf1d1e6045b066431c78a44e250e051ac0361ed.tar.xz