sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-24 02:04:21 +03:00
Code

libcli/security: Fix integer overflow

Browse Source 
On a typical machine where the size of ‘int’ is 32 bits or smaller, a
sub-authority of 2147483649 would be ordered before a sub-authority of
1, even though it is greater.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Joseph Sutton 2023-08-02 14:27:31 +12:00 committed by Andrew Bartlett
parent 5cf61ed2e3
commit dbf53bf3d5
1 changed files with 16 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
libcli/security/dom_sid.c
View File

@ -74,9 +74,14 @@ int dom_sid_compare(const struct dom_sid *sid1, const struct dom_sid *sid2)
if (sid1->num_auths != sid2->num_auths)
return sid1->num_auths - sid2->num_auths;
for (i = sid1->num_auths-1; i >= 0; --i)
if (sid1->sub_auths[i] != sid2->sub_auths[i])
return sid1->sub_auths[i] - sid2->sub_auths[i];
for (i = sid1->num_auths-1; i >= 0; --i) {
if (sid1->sub_auths[i] < sid2->sub_auths[i]) {
return -1;
}
if (sid1->sub_auths[i] > sid2->sub_auths[i]) {
return 1;
}
}
return dom_sid_compare_auth(sid1, sid2);
}
@ -114,9 +119,14 @@ int dom_sid_compare_domain(const struct dom_sid *sid1,
n = MIN(sid1->num_auths, sid2->num_auths);
for (i = n-1; i >= 0; --i)
if (sid1->sub_auths[i] != sid2->sub_auths[i])
return sid1->sub_auths[i] - sid2->sub_auths[i];
for (i = n-1; i >= 0; --i) {
if (sid1->sub_auths[i] < sid2->sub_auths[i]) {
return -1;
}
if (sid1->sub_auths[i] > sid2->sub_auths[i]) {
return 1;
}
}
return dom_sid_compare_auth(sid1, sid2);
}