diff options
| author | Andrew Tridgell <tridge@samba.org> | 2004-09-02 10:45:58 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:58:29 -0500 |
| commit | 4d390df586ff1b4ba4b5bbfbde3c6393c6f5c829 (patch) | |
| tree | 4f298868ff860da16f31069e8282fced7eb9f80a /source4/librpc/ndr/ndr_basic.c | |
| parent | 01f704e5ecbf371e60640c45c7e9d3f66a5a9fe0 (diff) | |
| download | samba-4d390df586ff1b4ba4b5bbfbde3c6393c6f5c829.tar.gz samba-4d390df586ff1b4ba4b5bbfbde3c6393c6f5c829.tar.bz2 samba-4d390df586ff1b4ba4b5bbfbde3c6393c6f5c829.zip | |
r2180: added RPC flags "padcheck" which enables checking of all received pad
bytes to make sure they are zero. Non-zero values usually indicate one
of two things:
- the server is leaking data through sending uninitialised memory
- we have mistaken a real field in the IDL for padding
to differentiate between the two you really need to run with
"print,padcheck" and look carefully at whether the non-zero pad bytes
are random or appear to be deliberate.
(This used to be commit 7fdb778f81f14aaab75ab204431e4342a462957a)
Diffstat (limited to 'source4/librpc/ndr/ndr_basic.c')
| -rw-r--r-- | source4/librpc/ndr/ndr_basic.c | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/source4/librpc/ndr/ndr_basic.c b/source4/librpc/ndr/ndr_basic.c index 7f36f7e4ba..d015cc5e48 100644 --- a/source4/librpc/ndr/ndr_basic.c +++ b/source4/librpc/ndr/ndr_basic.c @@ -28,6 +28,31 @@ #define NDR_SSVAL(ndr, ofs, v) do { if (NDR_BE(ndr)) { RSSVAL(ndr->data,ofs,v); } else SSVAL(ndr->data,ofs,v); } while (0) #define NDR_SIVAL(ndr, ofs, v) do { if (NDR_BE(ndr)) { RSIVAL(ndr->data,ofs,v); } else SIVAL(ndr->data,ofs,v); } while (0) + +/* + check for data leaks from the server by looking for non-zero pad bytes + these could also indicate that real structure elements have been + mistaken for padding in the IDL +*/ +void ndr_check_padding(struct ndr_pull *ndr, size_t n) +{ + size_t ofs2 = (ndr->offset + (n-1)) & ~(n-1); + int i; + for (i=ndr->offset;i<ofs2;i++) { + if (ndr->data[i] != 0) { + break; + } + } + if (i<ofs2) { + DEBUG(0,("WARNING: Non-zero padding to %d: ", n)); + for (i=ndr->offset;i<ofs2;i++) { + DEBUG(0,("%02x ", ndr->data[i])); + } + DEBUG(0,("\n")); + } + +} + /* parse a uint8 */ |