diff options
author | Andrew Tridgell <tridge@samba.org> | 2004-10-13 12:55:10 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:59:50 -0500 |
commit | 8d0f79595b4220736b7e84d30440035780044078 (patch) | |
tree | e6dba1a21b9486f953fd8df6c8d1548840b9f0fc /source4/build/pidl | |
parent | 2003ab2598e7dc93ceb2afc7f71986e5f27758b8 (diff) | |
download | samba-8d0f79595b4220736b7e84d30440035780044078.tar.gz samba-8d0f79595b4220736b7e84d30440035780044078.tar.bz2 samba-8d0f79595b4220736b7e84d30440035780044078.zip |
r2948: added support for the [range(low,high)] attribute in pidl. This allows
range checking of any integer value, to help protect against denial of
service attacks (which could otherwise cause large memory allocations)
(This used to be commit dbe6430d78f1b9aa59969074077e4afa5adf7570)
Diffstat (limited to 'source4/build/pidl')
-rw-r--r-- | source4/build/pidl/parser.pm | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/source4/build/pidl/parser.pm b/source4/build/pidl/parser.pm index edecc24284..abf5785a45 100644 --- a/source4/build/pidl/parser.pm +++ b/source4/build/pidl/parser.pm @@ -547,6 +547,11 @@ sub ParseElementPullScalar($$$) } else { pidl "\tNDR_CHECK(ndr_pull_$e->{TYPE}(ndr, $ndr_flags, $cprefix$var_prefix$e->{NAME}));\n"; } + if (my $range = util::has_property($e, "range")) { + my ($low, $high) = split(/ /, $range, 2); + pidl "\tif ($var_prefix$e->{NAME} < $low || $var_prefix$e->{NAME} > $high) {\n"; + pidl "\t\treturn ndr_pull_error(ndr, NDR_ERR_RANGE, \"value out of range\");\n\t}\n"; + } end_flags($e); } |