summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2010-09-29 20:36:40 +0200
committerStefan Metzmacher <metze@samba.org>2010-10-23 10:58:14 +0200
commite297625d96a6ad6deba4edf2dc69756ba67aa452 (patch)
treeb3046c7e10183aab425c1987e1e274246f208476
parent4a4738b56a0ed34b9cea2c66a1867dbff1d785df (diff)
downloadsamba-e297625d96a6ad6deba4edf2dc69756ba67aa452.tar.gz
samba-e297625d96a6ad6deba4edf2dc69756ba67aa452.tar.bz2
samba-e297625d96a6ad6deba4edf2dc69756ba67aa452.zip
s4:rpc_server/netlogon: netr_GetDcName should return WERR_DCNOTFOUND for invalid names
Only netbios domain names are allowed. metze
-rw-r--r--source4/rpc_server/netlogon/dcerpc_netlogon.c19
1 files changed, 19 insertions, 0 deletions
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index b4fe5dca88..6f88a723cf 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -940,6 +940,25 @@ static WERROR dcesrv_netr_GetDcName(struct dcesrv_call_state *dce_call, TALLOC_C
int ret;
const char *dcname;
+ /*
+ * [MS-NRPC] 3.5.5.3.4 NetrGetDCName says
+ * that the domainname needs to be a valid netbios domain
+ * name, if it is not NULL.
+ */
+ if (r->in.domainname) {
+ const char *dot = strchr(r->in.domainname, '.');
+ size_t len = strlen(r->in.domainname);
+
+ if (dot || len > 15) {
+ return WERR_DCNOTFOUND;
+ }
+
+ /*
+ * TODO: Should we also varify that only valid
+ * netbios name characters are used?
+ */
+ }
+
sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx,
dce_call->conn->dce_ctx->lp_ctx,
dce_call->conn->auth_state.session_info, 0);