From ddda18a37ac4b732ad109dbb129255dc3edd8fbb Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Fri, 3 Feb 2017 14:33:47 +0100
Subject: [PATCH 30/36] SECRETS: Return a nicer error message on request with
 no PUT data
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

I managed to create this pathological situation with the tcurl tool
which didn't send any PUT data. The error in sssd-secrets was quite
strange (ENOMEM). This patch just adds a safeguard sooner so that we
return a graceful error.

Reviewed-by: Michal Židek <mzidek@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
---
 src/responder/secrets/local.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/responder/secrets/local.c b/src/responder/secrets/local.c
index 9dcdd9925e542499d3a962b4998103b07c26a5ab..26c97a2849febbf0ac482d526cf927bfc103b4f2 100644
--- a/src/responder/secrets/local.c
+++ b/src/responder/secrets/local.c
@@ -853,6 +853,12 @@ static struct tevent_req *local_secret_req(TALLOC_CTX *mem_ctx,
         break;
 
     case HTTP_PUT:
+        if (secreq->body.length == 0) {
+            DEBUG(SSSDBG_OP_FAILURE, "PUT with no data\n");
+            ret = EINVAL;
+            goto done;
+        }
+
         DEBUG(SSSDBG_TRACE_LIBS, "Processing HTTP PUT at [%s]\n", lc_req->path);
         if (body_is_json) {
             ret = sec_json_to_simple_secret(state, secreq->body.data,
-- 
2.9.3