From 447d96878a8b5a335447c37eca2a46b7133caa78 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 15 Sep 2010 15:40:15 -0700 Subject: Fix all sid_parse returns to be checked. Tidy up some checks and error messages. Jeremy. --- source3/libads/ldap.c | 4 +++- source3/libsmb/cliquota.c | 4 +++- source3/smbd/nttrans.c | 17 ++++++++++++----- 3 files changed, 18 insertions(+), 7 deletions(-) diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 970f20a8d9..97d89dc88d 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -2145,7 +2145,9 @@ static void dump_sid(ADS_STRUCT *ads, const char *field, struct berval **values) for (i=0; values[i]; i++) { struct dom_sid sid; fstring tmp; - sid_parse(values[i]->bv_val, values[i]->bv_len, &sid); + if (!sid_parse(values[i]->bv_val, values[i]->bv_len, &sid)) { + return; + } printf("%s: %s\n", field, sid_to_fstring(tmp, &sid)); } } diff --git a/source3/libsmb/cliquota.c b/source3/libsmb/cliquota.c index 59c06ace79..002200ddaa 100644 --- a/source3/libsmb/cliquota.c +++ b/source3/libsmb/cliquota.c @@ -113,7 +113,9 @@ static bool parse_user_quota_record(const char *rdata, unsigned int rdata_count, } #endif /* LARGE_SMB_OFF_T */ - sid_parse(rdata+40,sid_len,&qt.sid); + if (!sid_parse(rdata+40,sid_len,&qt.sid)) { + return false; + } qt.qtype = SMB_USER_QUOTA_TYPE; diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index beb5b50502..7264bcbac9 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -2572,7 +2572,10 @@ static void call_nt_transact_get_user_quota(connection_struct *conn, break; } - sid_parse(pdata+8,sid_len,&sid); + if (!sid_parse(pdata+8,sid_len,&sid)) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + return; + } if (vfs_get_ntquota(fsp, SMB_USER_QUOTA_TYPE, &sid, &qt)!=0) { ZERO_STRUCT(qt); @@ -2689,7 +2692,7 @@ static void call_nt_transact_set_user_quota(connection_struct *conn, if (data_count < 40) { DEBUG(0,("TRANSACT_SET_USER_QUOTA: requires %d >= %d bytes data\n",data_count,40)); - reply_nterror(req, NT_STATUS_INVALID_LEVEL); + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); return; } @@ -2701,9 +2704,9 @@ static void call_nt_transact_set_user_quota(connection_struct *conn, /* sid len */ sid_len = IVAL(pdata,4); - if (data_count < 40+sid_len) { + if (data_count < 40+sid_len || (40+sid_len < sid_len)) { DEBUG(0,("TRANSACT_SET_USER_QUOTA: requires %d >= %lu bytes data\n",data_count,(unsigned long)40+sid_len)); - reply_nterror(req, NT_STATUS_INVALID_LEVEL); + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); return; } @@ -2753,7 +2756,11 @@ static void call_nt_transact_set_user_quota(connection_struct *conn, } #endif /* LARGE_SMB_OFF_T */ - sid_parse(pdata+40,sid_len,&sid); + if (!sid_parse(pdata+40,sid_len,&sid)) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + return; + } + DEBUGADD(8,("SID: %s\n", sid_string_dbg(&sid))); /* 44 unknown bytes left... */ -- cgit