summaryrefslogtreecommitdiff
path: root/source4/build/pidl
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2004-10-13 12:55:10 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:59:50 -0500
commit8d0f79595b4220736b7e84d30440035780044078 (patch)
treee6dba1a21b9486f953fd8df6c8d1548840b9f0fc /source4/build/pidl
parent2003ab2598e7dc93ceb2afc7f71986e5f27758b8 (diff)
downloadsamba-8d0f79595b4220736b7e84d30440035780044078.tar.gz
samba-8d0f79595b4220736b7e84d30440035780044078.tar.bz2
samba-8d0f79595b4220736b7e84d30440035780044078.zip
r2948: added support for the [range(low,high)] attribute in pidl. This allows
range checking of any integer value, to help protect against denial of service attacks (which could otherwise cause large memory allocations) (This used to be commit dbe6430d78f1b9aa59969074077e4afa5adf7570)
Diffstat (limited to 'source4/build/pidl')
-rw-r--r--source4/build/pidl/parser.pm5
1 files changed, 5 insertions, 0 deletions
diff --git a/source4/build/pidl/parser.pm b/source4/build/pidl/parser.pm
index edecc24284..abf5785a45 100644
--- a/source4/build/pidl/parser.pm
+++ b/source4/build/pidl/parser.pm
@@ -547,6 +547,11 @@ sub ParseElementPullScalar($$$)
} else {
pidl "\tNDR_CHECK(ndr_pull_$e->{TYPE}(ndr, $ndr_flags, $cprefix$var_prefix$e->{NAME}));\n";
}
+ if (my $range = util::has_property($e, "range")) {
+ my ($low, $high) = split(/ /, $range, 2);
+ pidl "\tif ($var_prefix$e->{NAME} < $low || $var_prefix$e->{NAME} > $high) {\n";
+ pidl "\t\treturn ndr_pull_error(ndr, NDR_ERR_RANGE, \"value out of range\");\n\t}\n";
+ }
end_flags($e);
}