author | Volker Lendecke <vl@samba.org> | 2010-02-20 21:32:07 +0100 |
---|---|---|
committer | Volker Lendecke <vl@samba.org> | 2010-02-20 21:35:03 +0100 |
commit | 77dd1b29bb34500c5643670dcca6094ab526ce44 (patch) | |
tree | 66619228a3acf71c0f0e437f809f64cd41e4aeb1 | |
parent | e38908ea65966387076b59352fd1ac6bccf13e33 (diff) | |
s3: Make string_to_sid survive the LOCAL-string_to_sid test
-rw-r--r-- | source3/lib/util_sid.c | 53 |
1 files changed, 40 insertions, 13 deletions
diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c index 20c2663de9..7d5dc1b3a9 100644 --- a/source3/lib/util_sid.c +++ b/source3/lib/util_sid.c @@ -225,27 +225,33 @@ bool string_to_sid(DOM_SID *sidout, const char *sidstr) uint32 conv; if ((sidstr[0] != 'S' && sidstr[0] != 's') || sidstr[1] != '-') { - DEBUG(3,("string_to_sid: Sid %s does not start with 'S-'.\n", sidstr)); - return False; + goto format_error; } ZERO_STRUCTP(sidout); /* Get the revision number. */ p = sidstr + 2; + + if (!isdigit(*p)) { + goto format_error; + } + conv = (uint32) strtoul(p, &q, 10); if (!q || (*q != '-')) { - DEBUG(3,("string_to_sid: Sid %s is not in a valid format.\n", sidstr)); - return False; + goto format_error; } sidout->sid_rev_num = (uint8) conv; q++; + if (!isdigit(*q)) { + goto format_error; + } + /* get identauth */ conv = (uint32) strtoul(q, &q, 10); if (!q || (*q != '-')) { - DEBUG(0,("string_to_sid: Sid %s is not in a valid format.\n", sidstr)); - return False; + goto format_error; } /* identauth in decimal should be < 2^32 */ /* NOTE - the conv value is in big-endian format. */ @@ -259,16 +265,37 @@ bool string_to_sid(DOM_SID *sidout, const char *sidstr) q++; sidout->num_auths = 0; - for(conv = (uint32) strtoul(q, &q, 10); - q && (*q =='-' || *q =='\0') && (sidout->num_auths < MAXSUBAUTHS); - conv = (uint32) strtoul(q, &q, 10)) { - sid_append_rid(sidout, conv); - if (*q == '\0') + while (true) { + char *end; + + if (!isdigit(*q)) { + goto format_error; + } + + conv = strtoul(q, &end, 10); + if (end == q) { + goto format_error; + } + + if (!sid_append_rid(sidout, conv)) { + DEBUG(3, ("Too many sid auths in %s\n", sidstr)); + return false; + } + + q = end; + if (*q == '\0') { break; - q++; + } + if (*q != '-') { + goto format_error; + } + q += 1; } + return true; - return True; +format_error: + DEBUG(3, ("string_to_sid: SID %s is not in a valid format\n", sidstr)); + return false; } /***************************************************************** |
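Review bot: The new guards `isdigit(*p)` and `isdigit(*q)` pass a plain `char` to isdigit(), which is undefined behaviour for negative values, so a SID string with a byte above 0x7f is a problem wherever char is signed; the same call is repeated in the loop added by the second hunk. Cast at every site, for example `if (!isdigit((unsigned char)*p)) {`. The unchanged `sidout->sid_rev_num = (uint8) conv;` between the two guards also narrows without a range check, so a revision of 257 would be stored as 1; `if (conv > 255) goto format_error;` before the assignment would close that. string_to_sid begins above this hunk, so the declarations of p and q are not visible here.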
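Review bot: In the new loop, `conv = strtoul(q, &end, 10);` stores an unsigned long into a uint32 with no range check, so where unsigned long is 64 bits a sub-authority of 4294967296 or more wraps silently and two different strings can parse to the same SID. SIDs are normally compared in access decisions, so out-of-range input should be rejected: parse into an `unsigned long v`, then `if (end == q || v > 0xFFFFFFFFUL) goto format_error;` before `conv = (uint32) v;`. Where unsigned long is 32 bits the comparison can never fire, so there errno should be cleared before the call and tested against ERANGE afterwards. The `end == q` test cannot trigger once the isdigit guard has passed, which is harmless but worth a short comment; the function begins outside this hunk.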