Diffstat (limited to 'source4/librpc/ndr')
-rw-r--r-- | source4/librpc/ndr/libndr.h | 10 | ||||
-rw-r--r-- | source4/librpc/ndr/ndr_basic.c | 25 |
2 files changed, 33 insertions, 2 deletions
diff --git a/source4/librpc/ndr/libndr.h b/source4/librpc/ndr/libndr.h
index cea7290577..9940dc2c05 100644
--- a/source4/librpc/ndr/libndr.h
+++ b/source4/librpc/ndr/libndr.h
@@ -42,7 +42,7 @@ struct ndr_token_list {
 */
 struct ndr_pull {
 uint32_t flags; /* LIBNDR_FLAG_* */
- char *data;
+ uint8_t *data;
 uint32_t data_size;
 uint32_t offset;
 
@@ -62,7 +62,7 @@ struct ndr_pull_save {
 /* structure passed to functions that generate NDR formatted data */
 struct ndr_push {
 uint32_t flags; /* LIBNDR_FLAG_* */
- char *data;
+ uint8_t *data;
 uint32_t alloc_size;
 uint32_t offset;
 
@@ -112,6 +112,9 @@ struct ndr_print {
 /* used to force a section of IDL to be little-endian */
 #define LIBNDR_FLAG_LITTLE_ENDIAN (1<<17)
 
+/* used to check if alignment padding is zero */
+#define LIBNDR_FLAG_PAD_CHECK (1<<18)
+
 /* useful macro for debugging */
 #define NDR_PRINT_DEBUG(type, p) ndr_print_debug((ndr_print_fn_t)ndr_print_ ##type, #p, p)
 
@@ -161,6 +164,9 @@ enum ndr_err_code {
 
 #define NDR_PULL_ALIGN(ndr, n) do { \
 if (!(ndr->flags & LIBNDR_FLAG_NOALIGN)) { \
+ if (ndr->flags & LIBNDR_FLAG_PAD_CHECK) { \
+ ndr_check_padding(ndr, n); \
+ } \
 ndr->offset = (ndr->offset + (n-1)) & ~(n-1); \
 } \
 if (ndr->offset >= ndr->data_size) { \
diff --git a/source4/librpc/ndr/ndr_basic.c b/source4/librpc/ndr/ndr_basic.c
index 7f36f7e4ba..d015cc5e48 100644
--- a/source4/librpc/ndr/ndr_basic.c
+++ b/source4/librpc/ndr/ndr_basic.c
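Review bot: In NDR_PULL_ALIGN the new `ndr_check_padding(ndr, n)` call runs before the `ndr->offset >= ndr->data_size` test that follows it, and the helper added in ndr_basic.c reads `ndr->data[i]` up to the aligned offset without looking at `data_size`. With LIBNDR_FLAG_PAD_CHECK set, a pull buffer that ends inside the padding would be read up to n-1 bytes past its end before the existing bounds check can reject it. Clamping inside the helper, `if (ofs2 > ndr->data_size) ofs2 = ndr->data_size;`, keeps the check inside the received data and leaves the error path to the macro. The macro body continues past the end of this hunk, so what happens after the bounds test is not visible here.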
@@ -28,6 +28,31 @@
 #define NDR_SSVAL(ndr, ofs, v) do { if (NDR_BE(ndr)) { RSSVAL(ndr->data,ofs,v); } else SSVAL(ndr->data,ofs,v); } while (0)
 #define NDR_SIVAL(ndr, ofs, v) do { if (NDR_BE(ndr)) { RSIVAL(ndr->data,ofs,v); } else SIVAL(ndr->data,ofs,v); } while (0)
 
+
+/*
+ check for data leaks from the server by looking for non-zero pad bytes
+ these could also indicate that real structure elements have been
+ mistaken for padding in the IDL
+*/
+void ndr_check_padding(struct ndr_pull *ndr, size_t n)
+{
+ size_t ofs2 = (ndr->offset + (n-1)) & ~(n-1);
+ int i;
+ for (i=ndr->offset;i<ofs2;i++) {
+ if (ndr->data[i] != 0) {
+ break;
+ }
+ }
+ if (i<ofs2) {
+ DEBUG(0,("WARNING: Non-zero padding to %d: ", n));
+ for (i=ndr->offset;i<ofs2;i++) {
+ DEBUG(0,("%02x ", ndr->data[i]));
+ }
+ DEBUG(0,("\n"));
+ }
+
+}
+
 /*
 parse a uint8
 */ |
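Review bot: `DEBUG(0,("WARNING: Non-zero padding to %d: ", n))` passes a `size_t` where `%d` expects an `int`, which is undefined on platforms where the two differ in width; cast the argument, `DEBUG(0,("WARNING: Non-zero padding to %d: ", (int)n));`. The index is declared `int i` but is compared against the `size_t` value `ofs2`, so `size_t i;` would avoid the signed/unsigned comparison. The dump is emitted at debug level 0 and its content comes from the remote peer, so a server that always sends non-zero padding produces a log line on every aligned pull; a higher debug level, or warning once per connection, would keep the leak signal without letting the peer fill the log.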