diff options
| -rw-r--r-- | source3/smbd/nttrans.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index b602a51611..9b3085c327 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -2237,7 +2237,7 @@ static void call_nt_transact_ioctl(connection_struct *conn, */ struct dom_sid sid; uid_t uid; - size_t sid_len = MIN(data_count-4,SID_MAX_SIZE); + size_t sid_len; DEBUG(10,("FSCTL_FIND_FILES_BY_SID: called on FID[0x%04X]\n",fidnum)); @@ -2245,6 +2245,13 @@ static void call_nt_transact_ioctl(connection_struct *conn, return; } + if (data_count < 8) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + return; + } + + sid_len = MIN(data_count-4,SID_MAX_SIZE); + /* unknown 4 bytes: this is not the length of the sid :-( */ /*unknown = IVAL(pdata,0);*/ |