mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
libcli/security: don't allow conditional ACE SIDs to have trailing bytes
They should be tightly packed, allowing conditional ACEs to round-trip. Credit to OSS-Fuzz. REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64197 Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
parent
e004a5a444
commit
a016ce7068
@ -254,6 +254,8 @@ static ssize_t pull_sid(TALLOC_CTX *mem_ctx,
|
||||
if (ndr == NULL) {
|
||||
return -1;
|
||||
}
|
||||
ndr->flags |= LIBNDR_FLAG_SUBCONTEXT_NO_UNREAD_BYTES;
|
||||
|
||||
ndr_err = ndr_pull_ace_condition_sid(ndr, NDR_SCALARS|NDR_BUFFERS, tok);
|
||||
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
|
||||
TALLOC_FREE(ndr);
|
||||
|
Loading…
Reference in New Issue
Block a user