summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--librpc/gen_ndr/cli_svcctl.c4
-rw-r--r--librpc/gen_ndr/cli_svcctl.h4
-rw-r--r--librpc/gen_ndr/ndr_svcctl.c106
-rw-r--r--librpc/gen_ndr/ndr_svcctl.h1
-rw-r--r--librpc/gen_ndr/svcctl.h10
-rw-r--r--librpc/idl/svcctl.idl12
6 files changed, 119 insertions, 18 deletions
diff --git a/librpc/gen_ndr/cli_svcctl.c b/librpc/gen_ndr/cli_svcctl.c
index f6cedfbc7c..a95a4e72f7 100644
--- a/librpc/gen_ndr/cli_svcctl.c
+++ b/librpc/gen_ndr/cli_svcctl.c
@@ -956,8 +956,8 @@ NTSTATUS rpccli_svcctl_QueryServiceLockStatusW(struct rpc_pipe_client *cli,
NTSTATUS rpccli_svcctl_StartServiceW(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
struct policy_handle *handle /* [in] [ref] */,
- uint32_t NumArgs /* [in] */,
- const char *Arguments /* [in] [unique,charset(UTF16)] */,
+ uint32_t NumArgs /* [in] [range(0,SC_MAX_ARGUMENTS)] */,
+ struct svcctl_ArgumentString *Arguments /* [in] [unique,size_is(NumArgs)] */,
WERROR *werror)
{
struct svcctl_StartServiceW r;
diff --git a/librpc/gen_ndr/cli_svcctl.h b/librpc/gen_ndr/cli_svcctl.h
index c656eba530..fcfb219d38 100644
--- a/librpc/gen_ndr/cli_svcctl.h
+++ b/librpc/gen_ndr/cli_svcctl.h
@@ -141,8 +141,8 @@ NTSTATUS rpccli_svcctl_QueryServiceLockStatusW(struct rpc_pipe_client *cli,
NTSTATUS rpccli_svcctl_StartServiceW(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
struct policy_handle *handle /* [in] [ref] */,
- uint32_t NumArgs /* [in] */,
- const char *Arguments /* [in] [unique,charset(UTF16)] */,
+ uint32_t NumArgs /* [in] [range(0,SC_MAX_ARGUMENTS)] */,
+ struct svcctl_ArgumentString *Arguments /* [in] [unique,size_is(NumArgs)] */,
WERROR *werror);
NTSTATUS rpccli_svcctl_GetServiceDisplayNameW(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
diff --git a/librpc/gen_ndr/ndr_svcctl.c b/librpc/gen_ndr/ndr_svcctl.c
index ee828ee49d..1770e1f0ba 100644
--- a/librpc/gen_ndr/ndr_svcctl.c
+++ b/librpc/gen_ndr/ndr_svcctl.c
@@ -907,6 +907,66 @@ _PUBLIC_ size_t ndr_size_QUERY_SERVICE_CONFIG(const struct QUERY_SERVICE_CONFIG
return ndr_size_struct(r, flags, (ndr_push_flags_fn_t)ndr_push_QUERY_SERVICE_CONFIG, ic);
}
+static enum ndr_err_code ndr_push_svcctl_ArgumentString(struct ndr_push *ndr, int ndr_flags, const struct svcctl_ArgumentString *r)
+{
+ if (ndr_flags & NDR_SCALARS) {
+ NDR_CHECK(ndr_push_align(ndr, 4));
+ NDR_CHECK(ndr_push_unique_ptr(ndr, r->string));
+ }
+ if (ndr_flags & NDR_BUFFERS) {
+ if (r->string) {
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->string, CH_UTF16)));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->string, CH_UTF16)));
+ NDR_CHECK(ndr_push_charset(ndr, NDR_SCALARS, r->string, ndr_charset_length(r->string, CH_UTF16), sizeof(uint16_t), CH_UTF16));
+ }
+ }
+ return NDR_ERR_SUCCESS;
+}
+
+static enum ndr_err_code ndr_pull_svcctl_ArgumentString(struct ndr_pull *ndr, int ndr_flags, struct svcctl_ArgumentString *r)
+{
+ uint32_t _ptr_string;
+ TALLOC_CTX *_mem_save_string_0;
+ if (ndr_flags & NDR_SCALARS) {
+ NDR_CHECK(ndr_pull_align(ndr, 4));
+ NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_string));
+ if (_ptr_string) {
+ NDR_PULL_ALLOC(ndr, r->string);
+ } else {
+ r->string = NULL;
+ }
+ }
+ if (ndr_flags & NDR_BUFFERS) {
+ if (r->string) {
+ _mem_save_string_0 = NDR_PULL_GET_MEM_CTX(ndr);
+ NDR_PULL_SET_MEM_CTX(ndr, r->string, 0);
+ NDR_CHECK(ndr_pull_array_size(ndr, &r->string));
+ NDR_CHECK(ndr_pull_array_length(ndr, &r->string));
+ if (ndr_get_array_length(ndr, &r->string) > ndr_get_array_size(ndr, &r->string)) {
+ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->string), ndr_get_array_length(ndr, &r->string));
+ }
+ NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->string), sizeof(uint16_t)));
+ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->string, ndr_get_array_length(ndr, &r->string), sizeof(uint16_t), CH_UTF16));
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_string_0, 0);
+ }
+ }
+ return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ void ndr_print_svcctl_ArgumentString(struct ndr_print *ndr, const char *name, const struct svcctl_ArgumentString *r)
+{
+ ndr_print_struct(ndr, name, "svcctl_ArgumentString");
+ ndr->depth++;
+ ndr_print_ptr(ndr, "string", r->string);
+ ndr->depth++;
+ if (r->string) {
+ ndr_print_string(ndr, "string", r->string);
+ }
+ ndr->depth--;
+ ndr->depth--;
+}
+
static enum ndr_err_code ndr_push_svcctl_ConfigLevel(struct ndr_push *ndr, int ndr_flags, enum svcctl_ConfigLevel r)
{
NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r));
@@ -3415,6 +3475,7 @@ _PUBLIC_ void ndr_print_svcctl_QueryServiceLockStatusW(struct ndr_print *ndr, co
static enum ndr_err_code ndr_push_svcctl_StartServiceW(struct ndr_push *ndr, int flags, const struct svcctl_StartServiceW *r)
{
+ uint32_t cntr_Arguments_1;
if (flags & NDR_IN) {
if (r->in.handle == NULL) {
return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer");
@@ -3423,10 +3484,13 @@ static enum ndr_err_code ndr_push_svcctl_StartServiceW(struct ndr_push *ndr, int
NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->in.NumArgs));
NDR_CHECK(ndr_push_unique_ptr(ndr, r->in.Arguments));
if (r->in.Arguments) {
- NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->in.Arguments, CH_UTF16)));
- NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0));
- NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->in.Arguments, CH_UTF16)));
- NDR_CHECK(ndr_push_charset(ndr, NDR_SCALARS, r->in.Arguments, ndr_charset_length(r->in.Arguments, CH_UTF16), sizeof(uint16_t), CH_UTF16));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->in.NumArgs));
+ for (cntr_Arguments_1 = 0; cntr_Arguments_1 < r->in.NumArgs; cntr_Arguments_1++) {
+ NDR_CHECK(ndr_push_svcctl_ArgumentString(ndr, NDR_SCALARS, &r->in.Arguments[cntr_Arguments_1]));
+ }
+ for (cntr_Arguments_1 = 0; cntr_Arguments_1 < r->in.NumArgs; cntr_Arguments_1++) {
+ NDR_CHECK(ndr_push_svcctl_ArgumentString(ndr, NDR_BUFFERS, &r->in.Arguments[cntr_Arguments_1]));
+ }
}
}
if (flags & NDR_OUT) {
@@ -3438,8 +3502,10 @@ static enum ndr_err_code ndr_push_svcctl_StartServiceW(struct ndr_push *ndr, int
static enum ndr_err_code ndr_pull_svcctl_StartServiceW(struct ndr_pull *ndr, int flags, struct svcctl_StartServiceW *r)
{
uint32_t _ptr_Arguments;
+ uint32_t cntr_Arguments_1;
TALLOC_CTX *_mem_save_handle_0;
TALLOC_CTX *_mem_save_Arguments_0;
+ TALLOC_CTX *_mem_save_Arguments_1;
if (flags & NDR_IN) {
if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) {
NDR_PULL_ALLOC(ndr, r->in.handle);
@@ -3449,6 +3515,9 @@ static enum ndr_err_code ndr_pull_svcctl_StartServiceW(struct ndr_pull *ndr, int
NDR_CHECK(ndr_pull_policy_handle(ndr, NDR_SCALARS, r->in.handle));
NDR_PULL_SET_MEM_CTX(ndr, _mem_save_handle_0, LIBNDR_FLAG_REF_ALLOC);
NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.NumArgs));
+ if (r->in.NumArgs > SC_MAX_ARGUMENTS) {
+ return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range");
+ }
NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_Arguments));
if (_ptr_Arguments) {
NDR_PULL_ALLOC(ndr, r->in.Arguments);
@@ -3459,14 +3528,21 @@ static enum ndr_err_code ndr_pull_svcctl_StartServiceW(struct ndr_pull *ndr, int
_mem_save_Arguments_0 = NDR_PULL_GET_MEM_CTX(ndr);
NDR_PULL_SET_MEM_CTX(ndr, r->in.Arguments, 0);
NDR_CHECK(ndr_pull_array_size(ndr, &r->in.Arguments));
- NDR_CHECK(ndr_pull_array_length(ndr, &r->in.Arguments));
- if (ndr_get_array_length(ndr, &r->in.Arguments) > ndr_get_array_size(ndr, &r->in.Arguments)) {
- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.Arguments), ndr_get_array_length(ndr, &r->in.Arguments));
+ NDR_PULL_ALLOC_N(ndr, r->in.Arguments, ndr_get_array_size(ndr, &r->in.Arguments));
+ _mem_save_Arguments_1 = NDR_PULL_GET_MEM_CTX(ndr);
+ NDR_PULL_SET_MEM_CTX(ndr, r->in.Arguments, 0);
+ for (cntr_Arguments_1 = 0; cntr_Arguments_1 < r->in.NumArgs; cntr_Arguments_1++) {
+ NDR_CHECK(ndr_pull_svcctl_ArgumentString(ndr, NDR_SCALARS, &r->in.Arguments[cntr_Arguments_1]));
}
- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.Arguments), sizeof(uint16_t)));
- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Arguments, ndr_get_array_length(ndr, &r->in.Arguments), sizeof(uint16_t), CH_UTF16));
+ for (cntr_Arguments_1 = 0; cntr_Arguments_1 < r->in.NumArgs; cntr_Arguments_1++) {
+ NDR_CHECK(ndr_pull_svcctl_ArgumentString(ndr, NDR_BUFFERS, &r->in.Arguments[cntr_Arguments_1]));
+ }
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_Arguments_1, 0);
NDR_PULL_SET_MEM_CTX(ndr, _mem_save_Arguments_0, 0);
}
+ if (r->in.Arguments) {
+ NDR_CHECK(ndr_check_array_size(ndr, (void*)&r->in.Arguments, r->in.NumArgs));
+ }
}
if (flags & NDR_OUT) {
NDR_CHECK(ndr_pull_WERROR(ndr, NDR_SCALARS, &r->out.result));
@@ -3476,6 +3552,7 @@ static enum ndr_err_code ndr_pull_svcctl_StartServiceW(struct ndr_pull *ndr, int
_PUBLIC_ void ndr_print_svcctl_StartServiceW(struct ndr_print *ndr, const char *name, int flags, const struct svcctl_StartServiceW *r)
{
+ uint32_t cntr_Arguments_1;
ndr_print_struct(ndr, name, "svcctl_StartServiceW");
ndr->depth++;
if (flags & NDR_SET_VALUES) {
@@ -3492,7 +3569,16 @@ _PUBLIC_ void ndr_print_svcctl_StartServiceW(struct ndr_print *ndr, const char *
ndr_print_ptr(ndr, "Arguments", r->in.Arguments);
ndr->depth++;
if (r->in.Arguments) {
- ndr_print_string(ndr, "Arguments", r->in.Arguments);
+ ndr->print(ndr, "%s: ARRAY(%d)", "Arguments", (int)r->in.NumArgs);
+ ndr->depth++;
+ for (cntr_Arguments_1=0;cntr_Arguments_1<r->in.NumArgs;cntr_Arguments_1++) {
+ char *idx_1=NULL;
+ if (asprintf(&idx_1, "[%d]", cntr_Arguments_1) != -1) {
+ ndr_print_svcctl_ArgumentString(ndr, "Arguments", &r->in.Arguments[cntr_Arguments_1]);
+ free(idx_1);
+ }
+ }
+ ndr->depth--;
}
ndr->depth--;
ndr->depth--;
diff --git a/librpc/gen_ndr/ndr_svcctl.h b/librpc/gen_ndr/ndr_svcctl.h
index 902565d295..6e765d8b8c 100644
--- a/librpc/gen_ndr/ndr_svcctl.h
+++ b/librpc/gen_ndr/ndr_svcctl.h
@@ -129,6 +129,7 @@ enum ndr_err_code ndr_push_QUERY_SERVICE_CONFIG(struct ndr_push *ndr, int ndr_fl
enum ndr_err_code ndr_pull_QUERY_SERVICE_CONFIG(struct ndr_pull *ndr, int ndr_flags, struct QUERY_SERVICE_CONFIG *r);
void ndr_print_QUERY_SERVICE_CONFIG(struct ndr_print *ndr, const char *name, const struct QUERY_SERVICE_CONFIG *r);
size_t ndr_size_QUERY_SERVICE_CONFIG(const struct QUERY_SERVICE_CONFIG *r, struct smb_iconv_convenience *ic, int flags);
+void ndr_print_svcctl_ArgumentString(struct ndr_print *ndr, const char *name, const struct svcctl_ArgumentString *r);
void ndr_print_svcctl_ConfigLevel(struct ndr_print *ndr, const char *name, enum svcctl_ConfigLevel r);
enum ndr_err_code ndr_push_SERVICE_DESCRIPTION(struct ndr_push *ndr, int ndr_flags, const struct SERVICE_DESCRIPTION *r);
enum ndr_err_code ndr_pull_SERVICE_DESCRIPTION(struct ndr_pull *ndr, int ndr_flags, struct SERVICE_DESCRIPTION *r);
diff --git a/librpc/gen_ndr/svcctl.h b/librpc/gen_ndr/svcctl.h
index c0daab43d5..eb48fa0d4f 100644
--- a/librpc/gen_ndr/svcctl.h
+++ b/librpc/gen_ndr/svcctl.h
@@ -28,6 +28,8 @@
#define SERVICE_EXECUTE_ACCESS ( (SERVICE_READ_ACCESS|SC_RIGHT_SVC_START|SC_RIGHT_SVC_STOP|SC_RIGHT_SVC_PAUSE_CONTINUE) )
#define SERVICE_WRITE_ACCESS ( (SEC_STD_REQUIRED|SERVICE_READ_ACCESS|SERVICE_EXECUTE_ACCESS|SC_RIGHT_SVC_CHANGE_CONFIG) )
#define SERVICE_ALL_ACCESS ( SERVICE_WRITE_ACCESS )
+#define SC_MAX_ARGUMENT_LENGTH ( 1024 )
+#define SC_MAX_ARGUMENTS ( 1024 )
struct SERVICE_LOCK_STATUS {
uint32_t is_locked;
const char *lock_owner;/* [unique,charset(UTF16)] */
@@ -226,6 +228,10 @@ struct QUERY_SERVICE_CONFIG {
const char *displayname;/* [unique,range(0,8192),charset(UTF16)] */
}/* [gensize,public] */;
+struct svcctl_ArgumentString {
+ const char *string;/* [unique,range(0,SC_MAX_ARGUMENT_LENGTH),charset(UTF16)] */
+};
+
enum svcctl_ConfigLevel
#ifndef USE_UINT_ENUMS
{
@@ -575,8 +581,8 @@ struct svcctl_QueryServiceLockStatusW {
struct svcctl_StartServiceW {
struct {
struct policy_handle *handle;/* [ref] */
- uint32_t NumArgs;
- const char *Arguments;/* [unique,charset(UTF16)] */
+ uint32_t NumArgs;/* [range(0,SC_MAX_ARGUMENTS)] */
+ struct svcctl_ArgumentString *Arguments;/* [unique,size_is(NumArgs)] */
} in;
struct {
diff --git a/librpc/idl/svcctl.idl b/librpc/idl/svcctl.idl
index a5685e8ae3..19866d273f 100644
--- a/librpc/idl/svcctl.idl
+++ b/librpc/idl/svcctl.idl
@@ -404,10 +404,18 @@ import "misc.idl", "security.idl";
/*****************/
/* Function 0x13 */
+
+ const int SC_MAX_ARGUMENT_LENGTH = 1024;
+ const int SC_MAX_ARGUMENTS = 1024;
+
+ typedef struct {
+ [string,charset(UTF16),range(0,SC_MAX_ARGUMENT_LENGTH)] uint16 *string;
+ } svcctl_ArgumentString;
+
WERROR svcctl_StartServiceW(
[in,ref] policy_handle *handle,
- [in] uint32 NumArgs,
- [in,unique/*FIXME:,length_is(NumArgs)*/] [string,charset(UTF16)] uint16 *Arguments
+ [in,range(0,SC_MAX_ARGUMENTS)] uint32 NumArgs,
+ [in,unique,size_is(NumArgs)] svcctl_ArgumentString *Arguments
);
/*****************/