summaryrefslogtreecommitdiff
path: root/source3/lib
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2010-09-04 14:09:17 +1000
committerJeremy Allison <jra@samba.org>2010-09-14 14:48:49 -0700
commit51ecf796549287b7f10092778ffb52e018ae32fe (patch)
tree62332ae3a9aa27de14a3c00479da82059950e24f /source3/lib
parent72a8ea4d1545190bad85ee9f2216499e78b3625a (diff)
downloadsamba-51ecf796549287b7f10092778ffb52e018ae32fe.tar.gz
samba-51ecf796549287b7f10092778ffb52e018ae32fe.tar.bz2
samba-51ecf796549287b7f10092778ffb52e018ae32fe.zip
libcli/security Merge source3/ string_to_sid() to common code
The source3 code repsects the limit of a maximum of 15 subauths, while the source4 code does not, creating a security issue as we parse string-form SIDs from clients. Andrew Bartlett
Diffstat (limited to 'source3/lib')
-rw-r--r--source3/lib/util_sid.c106
1 files changed, 0 insertions, 106 deletions
diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c
index 1f65f77991..b0b8d0ef72 100644
--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@@ -194,112 +194,6 @@ char *sid_string_tos(const struct dom_sid *sid)
return sid_string_talloc(talloc_tos(), sid);
}
-/*****************************************************************
- Convert a string to a SID. Returns True on success, False on fail.
-*****************************************************************/
-
-bool string_to_sid(struct dom_sid *sidout, const char *sidstr)
-{
- const char *p;
- char *q;
- /* BIG NOTE: this function only does SIDS where the identauth is not >= 2^32 */
- uint32_t conv;
-
- if ((sidstr[0] != 'S' && sidstr[0] != 's') || sidstr[1] != '-') {
- goto format_error;
- }
-
- ZERO_STRUCTP(sidout);
-
- /* Get the revision number. */
- p = sidstr + 2;
-
- if (!isdigit(*p)) {
- goto format_error;
- }
-
- conv = (uint32_t) strtoul(p, &q, 10);
- if (!q || (*q != '-')) {
- goto format_error;
- }
- sidout->sid_rev_num = (uint8_t) conv;
- q++;
-
- if (!isdigit(*q)) {
- goto format_error;
- }
-
- /* get identauth */
- conv = (uint32_t) strtoul(q, &q, 10);
- if (!q) {
- goto format_error;
- } else if (*q == '\0') {
- /* Just id_auth, no subauths */
- } else if (*q != '-') {
- goto format_error;
- }
- /* identauth in decimal should be < 2^32 */
- /* NOTE - the conv value is in big-endian format. */
- sidout->id_auth[0] = 0;
- sidout->id_auth[1] = 0;
- sidout->id_auth[2] = (conv & 0xff000000) >> 24;
- sidout->id_auth[3] = (conv & 0x00ff0000) >> 16;
- sidout->id_auth[4] = (conv & 0x0000ff00) >> 8;
- sidout->id_auth[5] = (conv & 0x000000ff);
-
- sidout->num_auths = 0;
- if (*q == '\0') {
- return true;
- }
-
- q++;
-
- while (true) {
- char *end;
-
- if (!isdigit(*q)) {
- goto format_error;
- }
-
- conv = strtoul(q, &end, 10);
- if (end == q) {
- goto format_error;
- }
-
- if (!sid_append_rid(sidout, conv)) {
- DEBUG(3, ("Too many sid auths in %s\n", sidstr));
- return false;
- }
-
- q = end;
- if (*q == '\0') {
- break;
- }
- if (*q != '-') {
- goto format_error;
- }
- q += 1;
- }
- return true;
-
-format_error:
- DEBUG(3, ("string_to_sid: SID %s is not in a valid format\n", sidstr));
- return false;
-}
-
-/*****************************************************************
- Add a rid to the end of a sid
-*****************************************************************/
-
-bool sid_append_rid(struct dom_sid *sid, uint32_t rid)
-{
- if (sid->num_auths < ARRAY_SIZE(sid->sub_auths)) {
- sid->sub_auths[sid->num_auths++] = rid;
- return true;
- }
- return false;
-}
-
bool sid_compose(struct dom_sid *dst, const struct dom_sid *domain_sid, uint32 rid)
{
sid_copy(dst, domain_sid);