From de6f09988d84752e5333cba1fa69c5a685e903b7 Mon Sep 17 00:00:00 2001
From: Michael Adam <obnox@samba.org>
Date: Fri, 17 Apr 2009 11:40:17 +0200
Subject: [PATCH] s3:registry: Prevent creation of keys containing the '/'
 character.

Even though "net conf setparm abc/def comment xyz" does not
create a broken registry we do not want such keys to be created.
Since we get problems accessing these with "net registry" since
the registry code treats the '/' sign as a separator as a lower
level.

This makes e.g. "net conf setparm abc/def comment xyz" fail with
WERR_INVALID_PARAM, which is much more desirable than a broken
registry.tdb.

Michael
---
 source/registry/reg_api.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/source/registry/reg_api.c b/source/registry/reg_api.c
index e9a71452556..4678636b817 100644
--- a/source/registry/reg_api.c
+++ b/source/registry/reg_api.c
@@ -455,6 +455,16 @@ WERROR reg_createkey(TALLOC_CTX *ctx, struct registry_key *parent,
 	char *path, *end;
 	WERROR err;
 
+	/*
+	 * We must refuse to handle subkey-paths containing
+	 * a '/' character because at a lower level, after
+	 * normalization, '/' is treated as a key separator
+	 * just like '\\'.
+	 */
+	if (strchr(subkeypath, '/') != NULL) {
+		return WERR_INVALID_PARAM;
+	}
+
 	if (!(mem_ctx = talloc_new(ctx))) return WERR_NOMEM;
 
 	if (!(path = talloc_strdup(mem_ctx, subkeypath))) {
-- 
2.11.4.GIT