From 4085e189a147841fed64ecbe072cde007cedad0d Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl@samba.org>
Date: Sat, 10 Apr 2010 16:55:46 +0200
Subject: s3: Check 0 termination in GETALIASES

---
 source3/winbindd/winbindd_getsidaliases.c | 20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

(limited to 'source3/winbindd')

diff --git a/source3/winbindd/winbindd_getsidaliases.c b/source3/winbindd/winbindd_getsidaliases.c
index 6755fa149f..baa8fea11e 100644
--- a/source3/winbindd/winbindd_getsidaliases.c
+++ b/source3/winbindd/winbindd_getsidaliases.c
@@ -68,13 +68,19 @@ struct tevent_req *winbindd_getsidaliases_send(TALLOC_CTX *mem_ctx,
 	num_sids = 0;
 	sids = NULL;
 
-	if ((request->extra_data.data != NULL)
-	    && !parse_sidlist(state, request->extra_data.data,
-			      &sids, &num_sids)) {
-		DEBUG(1, ("Could not parse SID list: %s\n",
-			  request->extra_data.data));
-		tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
-		return tevent_req_post(req, ev);
+	if (request->extra_data.data != NULL) {
+		if (request->extra_data.data[request->extra_len-1] != '\0') {
+			DEBUG(1, ("Got non-NULL terminated sidlist\n"));
+			tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
+			return tevent_req_post(req, ev);
+		}
+		if (!parse_sidlist(state, request->extra_data.data,
+				   &sids, &num_sids)) {
+			DEBUG(1, ("Could not parse SID list: %s\n",
+				  request->extra_data.data));
+			tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
+			return tevent_req_post(req, ev);
+		}
 	}
 
 	subreq = wb_lookupuseraliases_send(state, ev, domain, num_sids, sids);
-- 
cgit