summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVolker Lendecke <vl@samba.org>2010-02-20 21:32:07 +0100
committerVolker Lendecke <vl@samba.org>2010-02-20 21:35:03 +0100
commit77dd1b29bb34500c5643670dcca6094ab526ce44 (patch)
tree66619228a3acf71c0f0e437f809f64cd41e4aeb1
parente38908ea65966387076b59352fd1ac6bccf13e33 (diff)
downloadsamba-77dd1b29bb34500c5643670dcca6094ab526ce44.tar.gz
samba-77dd1b29bb34500c5643670dcca6094ab526ce44.tar.bz2
samba-77dd1b29bb34500c5643670dcca6094ab526ce44.zip
s3: Make string_to_sid survive the LOCAL-string_to_sid test
-rw-r--r--source3/lib/util_sid.c53
1 files changed, 40 insertions, 13 deletions
diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c
index 20c2663de9..7d5dc1b3a9 100644
--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@@ -225,27 +225,33 @@ bool string_to_sid(DOM_SID *sidout, const char *sidstr)
uint32 conv;
if ((sidstr[0] != 'S' && sidstr[0] != 's') || sidstr[1] != '-') {
- DEBUG(3,("string_to_sid: Sid %s does not start with 'S-'.\n", sidstr));
- return False;
+ goto format_error;
}
ZERO_STRUCTP(sidout);
/* Get the revision number. */
p = sidstr + 2;
+
+ if (!isdigit(*p)) {
+ goto format_error;
+ }
+
conv = (uint32) strtoul(p, &q, 10);
if (!q || (*q != '-')) {
- DEBUG(3,("string_to_sid: Sid %s is not in a valid format.\n", sidstr));
- return False;
+ goto format_error;
}
sidout->sid_rev_num = (uint8) conv;
q++;
+ if (!isdigit(*q)) {
+ goto format_error;
+ }
+
/* get identauth */
conv = (uint32) strtoul(q, &q, 10);
if (!q || (*q != '-')) {
- DEBUG(0,("string_to_sid: Sid %s is not in a valid format.\n", sidstr));
- return False;
+ goto format_error;
}
/* identauth in decimal should be < 2^32 */
/* NOTE - the conv value is in big-endian format. */
@@ -259,16 +265,37 @@ bool string_to_sid(DOM_SID *sidout, const char *sidstr)
q++;
sidout->num_auths = 0;
- for(conv = (uint32) strtoul(q, &q, 10);
- q && (*q =='-' || *q =='\0') && (sidout->num_auths < MAXSUBAUTHS);
- conv = (uint32) strtoul(q, &q, 10)) {
- sid_append_rid(sidout, conv);
- if (*q == '\0')
+ while (true) {
+ char *end;
+
+ if (!isdigit(*q)) {
+ goto format_error;
+ }
+
+ conv = strtoul(q, &end, 10);
+ if (end == q) {
+ goto format_error;
+ }
+
+ if (!sid_append_rid(sidout, conv)) {
+ DEBUG(3, ("Too many sid auths in %s\n", sidstr));
+ return false;
+ }
+
+ q = end;
+ if (*q == '\0') {
break;
- q++;
+ }
+ if (*q != '-') {
+ goto format_error;
+ }
+ q += 1;
}
+ return true;
- return True;
+format_error:
+ DEBUG(3, ("string_to_sid: SID %s is not in a valid format\n", sidstr));
+ return false;
}
/*****************************************************************