mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
libcli:security: sddl_decode_ace: don't allow junk after SID
sddl_decode_sid() will stop at the first non-SID character. Windows doesn't allow white space here, and nor do we. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
parent
c67f2292cb
commit
e7445aa677
@ -486,7 +486,9 @@ static bool sddl_decode_ace(TALLOC_CTX *mem_ctx, struct security_ace *ace, char
|
|||||||
}
|
}
|
||||||
ace->trustee = *sid;
|
ace->trustee = *sid;
|
||||||
talloc_free(sid);
|
talloc_free(sid);
|
||||||
|
if (*s != '\0') {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1,5 +1,3 @@
|
|||||||
^samba.tests.sddl.+.SddlShouldFail.test_sddl_should_fail_D:.A;;GA;;;S-1-3-4...none
|
|
||||||
^samba.tests.sddl.+.SddlWindowsFlagsAreDifferent.test_sddl_D:.A;;0x001f01ff;;;WD..A;;0x001f01ff;;;S-1.+S
|
^samba.tests.sddl.+.SddlWindowsFlagsAreDifferent.test_sddl_D:.A;;0x001f01ff;;;WD..A;;0x001f01ff;;;S-1.+S
|
||||||
^samba.tests.sddl.+.SddlWindowsFlagsAreDifferent.test_sddl_D:.A;;FA;;;WD..none
|
^samba.tests.sddl.+.SddlWindowsFlagsAreDifferent.test_sddl_D:.A;;FA;;;WD..none
|
||||||
^samba.tests.sddl.+.SddlWindowsFlagsAreDifferent.test_sddl_O:S-1-5-21-2212615479-2695158682-210137546.+:
|
^samba.tests.sddl.+.SddlWindowsFlagsAreDifferent.test_sddl_O:S-1-5-21-2212615479-2695158682-210137546.+:
|
||||||
^samba.tests.sddl.+.SddlWindowsIsLessFussy.test_sddl_should_fail_D:.A;;GA;;;WD...none
|
|
||||||
|
Loading…
Reference in New Issue
Block a user