Don't allow fully qualified Windows account names.

* uinfo.cc (pwdgrp::fetch_account_from_windows): Don't allow fully
	qualified Windows account names (domain\user or user@domain).

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>

winsup/cygwin/ChangeLog

@@ -1,3 +1,8 @@
+2015-03-31  Corinna Vinschen  <corinna@vinschen.de>
+
+	* uinfo.cc (pwdgrp::fetch_account_from_windows): Don't allow fully
+	qualified Windows account names (domain\user or user@domain).
+
 2015-03-31  Corinna Vinschen  <corinna@vinschen.de>
 
 	* localtime.cc (tzset_unlocked): Export as _tzset_unlocked.

winsup/cygwin/uinfo.cc

@@ -1827,6 +1827,13 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap)
       fq_name = false;
       /* Copy over to wchar for search. */
       sys_mbstowcs (name, UNLEN + 1, arg.name);
+      /* If the incoming name has a backslash or at sign, and neither backslash
+	 nor at are the domain separator chars, the name is invalid. */
+      if ((p = wcspbrk (name, L"\\@")) && *p != cygheap->pg.nss_separator ()[0])
+	{
+	  debug_printf ("Invalid account name <%s> (backslash/at)", arg.name);
+	  return NULL;
+	}
       /* Replace domain separator char with backslash and make sure p is NULL
 	 or points to the backslash. */
       if ((p = wcschr (name, cygheap->pg.nss_separator ()[0])))