1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

5 Commits

Author SHA1 Message Date
Andrew Bartlett
3bc680c1e3 pidl: Avoid leaving array_size NDR tokens around
In many cases these can and should be consumed as soon as
they are used.

This is not a complete fix, we don't clean up the array_size
token after using it split between an NDR_SCALARS and
an NDR_BUFFERS pass, but it is much better than it was
and helps the winbind case with a large number of groups
(eg 100,000) as otherwise we hit the 65535 NDR token limit.

(This is an arbitary Samba-only limit to avoid DoS conditions)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14710

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2021-06-02 03:56:36 +00:00
Andrew Bartlett
a7d4f93cfd pidl: Avoid leaving array_length NDR tokens around
In many cases these can and should be consumed as soon as
they are used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14710

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2021-06-02 03:56:36 +00:00
Andrew Bartlett
40aabcb5cf librpc: Add const to cookie pointer in ndr_check_array_{size,length}
This pointer is only used to find the right token in the list
so can be declared const.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14710

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2021-06-02 03:56:36 +00:00
Andrew Bartlett
c35f4180a4 libndr: Return error code from ndr_token_peek()
This makes it safer to change our code to remove tokens after use
if failing to obtain a token would result in an error.

This means changing ndr_get_array_size() and ndr_get_array_length()
to also return an error code.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14710

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2021-06-02 03:56:36 +00:00
Andrew Bartlett
0cc4478070 selftest: Add test of NDR marshalling from python, starting with wbint
These patches are to address an issue unpacking a very large
winbind.wbint_Principals array (100,000).

We need the NDR_TOKEN_MAX_LIST_SIZE value exposed as
otherwise a well-meaning incrase of this value would
invalidate the test.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14710

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2021-06-02 03:56:36 +00:00