summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2006-02-20 23:22:56 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:10:16 -0500
commit4ea92f30985466489a3b3faf5a1c90667175aad6 (patch)
tree24e18123b87b06642767c05649989f37ff2628c6 /source3
parentb7e7a5ef20d1da508afa6ad5a3bf852049951711 (diff)
downloadsamba-4ea92f30985466489a3b3faf5a1c90667175aad6.tar.gz
samba-4ea92f30985466489a3b3faf5a1c90667175aad6.tar.bz2
samba-4ea92f30985466489a3b3faf5a1c90667175aad6.zip
r13581: Correctly parse a non-null terminated, little-endian UCS2 string in the
PAC_LOGON_NAME structure. This was broken on big-endian machines (Solaris SPARC and ppc). Fixes Bug #3330. Jerry, this should be in 3.0.21c. Guenther (This used to be commit 9732490811f8f02ee547ddc6e2694e1122a3a518)
Diffstat (limited to 'source3')
-rw-r--r--source3/include/authdata.h2
-rw-r--r--source3/libads/authdata.c14
-rw-r--r--source3/rpc_parse/parse_prs.c43
3 files changed, 47 insertions, 12 deletions
diff --git a/source3/include/authdata.h b/source3/include/authdata.h
index 194429ab67..7e047687b7 100644
--- a/source3/include/authdata.h
+++ b/source3/include/authdata.h
@@ -42,7 +42,7 @@
typedef struct pac_logon_name {
NTTIME logon_time;
uint16 len;
- uint16 *username; /* might not be null terminated, so not UNISTR */
+ fstring username;
} PAC_LOGON_NAME;
typedef struct pac_signature_data {
diff --git a/source3/libads/authdata.c b/source3/libads/authdata.c
index 55e736ce6a..bb4236c4fc 100644
--- a/source3/libads/authdata.c
+++ b/source3/libads/authdata.c
@@ -42,16 +42,7 @@ static BOOL pac_io_logon_name(const char *desc, PAC_LOGON_NAME *logon_name,
if (!prs_uint16("len", ps, depth, &logon_name->len))
return False;
- if (UNMARSHALLING(ps) && logon_name->len) {
- logon_name->username = PRS_ALLOC_MEM(ps, uint16, logon_name->len);
- if (!logon_name->username) {
- DEBUG(3, ("No memory available\n"));
- return False;
- }
- }
-
- if (!prs_uint16s(True, "name", ps, depth, logon_name->username,
- (logon_name->len / sizeof(uint16))))
+ if (!prs_string_len("name", ps, depth, logon_name->username, logon_name->len))
return False;
return True;
@@ -891,7 +882,8 @@ static void dump_pac_logon_info(PAC_LOGON_INFO *logon_info) {
nt_status = NT_STATUS_INVALID_PARAMETER;
goto out;
}
- rpcstr_pull(username, logon_name->username, sizeof(username), -1, STR_TERMINATE);
+
+ rpcstr_pull(username, logon_name->username, sizeof(username), logon_name->len, 0);
ret = smb_krb5_parse_name_norealm(context, username, &client_principal_pac);
if (ret) {
diff --git a/source3/rpc_parse/parse_prs.c b/source3/rpc_parse/parse_prs.c
index c4f9f512ab..857a24cf0e 100644
--- a/source3/rpc_parse/parse_prs.c
+++ b/source3/rpc_parse/parse_prs.c
@@ -1333,6 +1333,49 @@ BOOL prs_string_alloc(const char *name, prs_struct *ps, int depth, const char **
}
/*******************************************************************
+ Stream a null-terminated string of fixed len.
+ ********************************************************************/
+
+BOOL prs_string_len(const char *name, prs_struct *ps, int depth, char *str, int len)
+{
+ char *q;
+ int i;
+ BOOL charmode = True;
+
+ q = prs_mem_get(ps, len+1);
+ if (q == NULL)
+ return False;
+
+ for(i = 0; i < len; i++) {
+ if (UNMARSHALLING(ps))
+ str[i] = q[i];
+ else
+ q[i] = str[i];
+ }
+
+ /* The terminating null. */
+ str[i] = '\0';
+
+ if (MARSHALLING(ps)) {
+ q[i] = '\0';
+ }
+
+ ps->data_offset += len+1;
+
+ DEBUG(5,("%s%04x %s: ", tab_depth(depth), ps->data_offset, name));
+ if (charmode) {
+ print_asc(5, (unsigned char*)str, len);
+ } else {
+ for (i = 0; i < len; i++)
+ DEBUG(5,("%04x ", str[i]));
+ }
+ DEBUG(5,("\n"));
+
+ return True;
+}
+
+
+/*******************************************************************
prs_uint16 wrapper. Call this and it sets up a pointer to where the
uint16 should be stored, or gets the size if reading.
********************************************************************/
generated by cgit (git 2.34.1) at 2025-01-01 01:43:40 +0000