r5736: fix to avoid endless recursion in ndr_size_*() calculation

metze
(This used to be commit eaac0f214703f91f186eb54f97e15e56461762bd)

2 files changed, 11 insertions, 2 deletions

diff --git a/source4/librpc/ndr/libndr.h b/source4/librpc/ndr/libndr.h
index e2ac4279f1..19d4356681 100644
--- a/source4/librpc/ndr/libndr.h
+++ b/source4/librpc/ndr/libndr.h
@@ -132,6 +132,9 @@ struct ndr_print {
 /* set if an object uuid will be present */
 #define LIBNDR_FLAG_OBJECT_PRESENT    (1<<30)
 
+/* set to avoid recursion in ndr_size_*() calculation */
+#define LIBNDR_FLAG_NO_NDR_SIZE		(1<<31)
+
 /* useful macro for debugging */
 #define NDR_PRINT_DEBUG(type, p) ndr_print_debug((ndr_print_fn_t)ndr_print_ ##type, #p, p)
 #define NDR_PRINT_UNION_DEBUG(type, level, p) ndr_print_union_debug((ndr_print_union_fn_t)ndr_print_ ##type, #p, level, p)
diff --git a/source4/librpc/ndr/ndr.c b/source4/librpc/ndr/ndr.c
index 2e350aa0da..f3394d1e44 100644
--- a/source4/librpc/ndr/ndr.c
+++ b/source4/librpc/ndr/ndr.c
@@ -789,9 +789,12 @@ size_t ndr_size_struct(const void *p, int flags, ndr_push_flags_fn_t push)
 	NTSTATUS status;
 	size_t ret;
 
+	/* avoid recursion */
+	if (flags & LIBNDR_FLAG_NO_NDR_SIZE) return 0;
+
 	ndr = ndr_push_init_ctx(NULL);
 	if (!ndr) return 0;
-	ndr->flags |= flags;
+	ndr->flags |= flags | LIBNDR_FLAG_NO_NDR_SIZE;
 	status = push(ndr, NDR_SCALARS|NDR_BUFFERS, discard_const(p));
 	if (!NT_STATUS_IS_OK(status)) {
 		return 0;
@@ -810,9 +813,12 @@ size_t ndr_size_union(const void *p, int flags, uint32_t level, ndr_push_union_f
 	NTSTATUS status;
 	size_t ret;
 
+	/* avoid recursion */
+	if (flags & LIBNDR_FLAG_NO_NDR_SIZE) return 0;
+
 	ndr = ndr_push_init_ctx(NULL);
 	if (!ndr) return 0;
-	ndr->flags |= flags;
+	ndr->flags |= flags | LIBNDR_FLAG_NO_NDR_SIZE;
 	status = push(ndr, NDR_SCALARS|NDR_BUFFERS, level, discard_const(p));
 	if (!NT_STATUS_IS_OK(status)) {
 		return 0;