mirror of
https://github.com/samba-team/samba.git
synced 2025-01-11 05:18:09 +03:00
libcli/security: avoid overflow in subauths
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
parent
b3cff5636b
commit
67ff4ca200
@ -204,7 +204,15 @@ bool dom_sid_parse_endp(const char *sidstr,struct dom_sid *sidout,
|
||||
}
|
||||
|
||||
conv = smb_strtoull(q, &end, 10, &error, SMB_STR_STANDARD);
|
||||
if (conv > UINT32_MAX || error != 0) {
|
||||
if (conv > UINT32_MAX || error != 0 || end - q > 12) {
|
||||
/*
|
||||
* This sub-auth is greater than 4294967295,
|
||||
* and hence invalid. Windows will treat it as
|
||||
* 4294967295, while we prefer to refuse (old
|
||||
* versions of Samba will wrap, arriving at
|
||||
* another number altogether).
|
||||
*/
|
||||
DBG_NOTICE("bad sub-auth in %s\n", sidstr);
|
||||
goto format_error;
|
||||
}
|
||||
|
||||
|
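Review bot: The new `end - q > 12` clause in the sub-auth check is a bare magic number, and the comment inside the branch explains only the value bound (greater than 4294967295), not the length bound. A 32-bit sub-auth needs at most 10 decimal digits, so a 12-character limit also refuses zero-padded strings whose value is in range; the knownfail entries for `S-1-5-20-00000000000243` shown elsewhere in this commit suggest that this is deliberate. I would extend the comment with a line such as `* We also refuse sub-auths written with more than 12 characters, even when leading zeros keep the value in range.` and consider giving the 12 a named constant. dom_sid_parse_endp() starts and ends outside the hunk, so what is already guaranteed about `q` at this point cannot be checked from the lines shown.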
@ -72,6 +72,7 @@
|
||||
^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_S-1-22.ad_dc
|
||||
^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_S-1-281474976710656-579.ad_dc
|
||||
^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_S-1-5-0x20-579.ad_dc
|
||||
^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_S-1-5-20-00000000000243.ad_dc
|
||||
^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_S-1-5-3.2-579.ad_dc
|
||||
^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_S-1-5-32--579.ad_dc
|
||||
^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_S-1-5-32-.579.ad_dc
|
||||
@ -87,5 +88,6 @@
|
||||
^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_internal_S-1-0xABcDef123-0xABCDef-579.ad_dc
|
||||
^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_internal_S-1-22.ad_dc
|
||||
^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_internal_S-1-5-0x20-579.ad_dc
|
||||
^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_internal_S-1-5-20-00000000000243.ad_dc
|
||||
^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_internal_s-1-5-32-579.ad_dc
|
||||
^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_s-1-5-32-579.ad_dc
|
||||
|