author | Volker Lendecke <vl@samba.org> | 2010-01-23 14:53:54 +0100 |
---|---|---|
committer | Volker Lendecke <vl@samba.org> | 2010-01-23 16:28:11 +0100 |
commit | 1fbeae41655b8305834f2149b1268077eba8633d (patch) | |
tree | 178f2349a694246f2bbdadf7edbfc80ed86d932c | |
parent | f1c889a4e61d6d751cbabd8014b4345b8051b97c (diff) | |
libcli/security: Prohibit SID formats like S-1-5-32-+545
-rw-r--r-- | libcli/security/dom_sid.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/libcli/security/dom_sid.c b/libcli/security/dom_sid.c
index 6a046cd806..8a2ed1fccc 100644
--- a/libcli/security/dom_sid.c
+++ b/libcli/security/dom_sid.c
@@ -96,12 +96,20 @@ bool dom_sid_parse(const char *sidstr, struct dom_sid *ret)
 sidstr += 2;
+ if (!isdigit(sidstr[0])) {
+ return false;
+ }
+
 rev = strtoul(sidstr, &p, 10);
 if (*p != '-') {
 return false;
 }
 sidstr = p+1;
+ if (!isdigit(sidstr[0])) {
+ return false;
+ }
+
 ia = strtoul(sidstr, &p, 10);
 if (p == sidstr) {
 return false;
@@ -131,6 +139,11 @@ bool dom_sid_parse(const char *sidstr, struct dom_sid *ret)
 return false;
 }
 sidstr++;
+
+ if (!isdigit(sidstr[0])) {
+ return false;
+ }
+
 ret->sub_auths[i] = strtoul(sidstr, &p, 10);
 if (p == sidstr) {
 return false; |
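Review bot: The three added `isdigit(sidstr[0])` guards (two in this hunk, one in the `@@ -131` hunk) pass a plain `char` to `isdigit`, which is undefined behaviour when the value is negative, as any byte of 0x80 or above is on platforms where `char` is signed. Since the SID string is parsed from caller-supplied text, each guard should read `if (!isdigit((unsigned char)sidstr[0])) {`. Whether `<ctype.h>` is already in scope for this file is not visible from the hunk, and dom_sid_parse starts and ends outside it.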
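Review bot: The value stored by `ret->sub_auths[i] = strtoul(sidstr, &p, 10);` is still not range-checked: the new guard rejects a sign or leading whitespace, but the only test after the call is `p == sidstr`, so an over-long digit string is accepted. If the `sub_auths` elements are 32-bit (their type is not visible here), a value above 0xFFFFFFFF would be silently truncated where `unsigned long` is 64-bit, and two different strings would then parse to the same SID. Parsing into a local first closes that, e.g. `unsigned long v = strtoul(sidstr, &p, 10);` followed by `if (p == sidstr || v > UINT32_MAX) return false;`. `rev` and `ia` in the first hunk probably deserve the same treatment, and the loop body continues outside the hunk.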