diff options
| author | Günther Deschner <gd@samba.org> | 2010-09-16 00:19:51 +0200 |
|---|---|---|
| committer | Günther Deschner <gd@samba.org> | 2010-09-16 00:20:47 +0200 |
| commit | db8cfda320d0e2453d01cdae884fd8aa108bcda7 (patch) | |
| tree | 494d83c8a320c6cee8deaace83065a7e6ece9bcb /source3 | |
| parent | fe59119e06d334a06052b4aac71679488f581383 (diff) | |
| download | samba-db8cfda320d0e2453d01cdae884fd8aa108bcda7.tar.gz samba-db8cfda320d0e2453d01cdae884fd8aa108bcda7.tar.bz2 samba-db8cfda320d0e2453d01cdae884fd8aa108bcda7.zip | |
s3-smbd: prevent call_nt_transact_ioctl() crash in FSCTL_FIND_FILES_BY_SID case.
Jeremy, please check.
Guenther
Diffstat (limited to 'source3')
| -rw-r--r-- | source3/smbd/nttrans.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index 9b3085c327..beb5b50502 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -2255,7 +2255,10 @@ static void call_nt_transact_ioctl(connection_struct *conn, /* unknown 4 bytes: this is not the length of the sid :-( */ /*unknown = IVAL(pdata,0);*/ - sid_parse(pdata+4,sid_len,&sid); + if (!sid_parse(pdata+4,sid_len,&sid)) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + return; + } DEBUGADD(10, ("for SID: %s\n", sid_string_dbg(&sid))); if (!sid_to_uid(&sid, &uid)) { |