1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
Commit Graph

499 Commits

Author SHA1 Message Date
Volker Lendecke
82a12f7a9a libndr: Factor out ndr_pull_struct_blob_noalloc()
smb3_file_posix_information is variable length with something behind.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-10-04 20:31:36 +00:00
Joseph Sutton
c8b90d8d20 librpc: Fix typos in error messages
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Sep 27 03:38:00 UTC 2023 on atb-devel-224
2023-09-27 03:38:00 +00:00
Joseph Sutton
267464f6c6 librpc/ndr: Use portable format specifiers
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-27 02:43:28 +00:00
Joseph Sutton
ce43dd0571 ndr: Display values for failed range checks
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9914

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-27 02:43:28 +00:00
Andrew Bartlett
5f4197bfab libndr: Add support for pulling strings with LIBNDR_FLAG_STR_SIZE4|LIBNDR_FLAG_STR_NOTERM|LIBNDR_FLAG_STR_BYTESIZE
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-09-26 23:45:36 +00:00
Douglas Bagnall
f8215ed343 librpc/ndr_claims: avoid 'bin/default' in #include
Obviously it works fine, but we don't do it anywhere else.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-26 23:45:35 +00:00
Douglas Bagnall
afec8524bc libcli/security: use sec_object_ace() in size_security_ace
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-26 23:45:35 +00:00
Douglas Bagnall
b6a665cc8e librpc/ndr:ndr_sec_helper: fix a typo
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-26 23:45:35 +00:00
Douglas Bagnall
a8e3f5d33f ndr_sec_helper: ace length should be multiple of 4
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-26 23:45:35 +00:00
Douglas Bagnall
5e1ed7b71f ndr_sec_helper: ndr_size_security_ace: do less work
Almost always the ACE has an `ignored` DATA_BLOB as the coda, and the
length of the coda is the length field of the blob, which is usually
zero.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-26 23:45:35 +00:00
Joseph Sutton
ba1750082a claims.idl: Be more lenient in our expectations for the compression of claims
384 bytes is not a strict threshold below which claims are never to be
compressed. Windows has been known to compress claims a mere 368 bytes
in size.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-14 21:35:29 +00:00
Joseph Sutton
9f78cc3b11 librpc:ndr: Avoid overflow in size calculation
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-14 21:35:28 +00:00
Douglas Bagnall
c73034cf7c librpc/security.idl: adjust size calculations for upcoming ace types
Soon we will get Conditional ACEs and Resource Attribute ACES, each of
which have trailing bytes at the end of the ACE. Here's a diagram:

              ____      The ACE size field may indicate a size bigger
  .type      /    |     than the known parts, even when you take
  .flags    /     |     rounding to a multiple of four into account.
  .size  --'      |     This extra data is meaningful in some ACEs.
  .access_mask    |
  .trustee (sid) _|  <- known data ends here.
                  :
   "coda"      ___:  <- the trailing part, Zero size unless the size
                        field points beyond the end of the known data.
			Probably empty for ordinary ACE types.

Until now we have thrown away these extra bytes, because they have no
meaning in the ACE types we recognise. But with conditional and
resource attribute ACEs we need to catch and process these bytes, so
we add an extra field for that.

Thus we can drop the manually written ndr_pull_security_ace() that
discarded the trailing bytes, because we just allow it to be pulled
into an unused blob. In the very common case, the blob will be empty.

Microsoft does not use a common name across different ACE types to
describe this end-data -- "coda" is a Samba term.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-24 02:53:31 +00:00
Joseph Sutton
d5cbb542d0 librpc:ndr: Use portable integer types
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-21 23:37:29 +00:00
Joseph Sutton
402bb17693 librpc:ndr: Add ‘int64’ type
This type behaves like a signed variant of ‘hyper’. Unlike the existing
‘dlong’ type, which has four byte alignment, ‘int64’ is aligned to eight
bytes.

Bump the NDR version to 3.0.1.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15452

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-15 18:46:33 +00:00
Joseph Sutton
44df47712a librpc:ndr: Format sizes as ‘size_t’
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 04:57:34 +00:00
Joseph Sutton
6913aebd59 librpc:ndr: Fix leaks
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
b6c35d03c1 ndr_string: Move string length calculation fallback into default case
We are about to add a new enumeration constant (NUM_CHARSETS) to
charset_t. To do that we must have a default case in this switch
statement, or the compiler will refuse to compile it, stating that we
haven’t handled all the cases.

The alternative, adding a case for NUM_CHARSETS, would just look silly.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:37 +00:00
Joseph Sutton
ae9e56a1bc librpc/ndr: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:36 +00:00
Joseph Sutton
64834e2668 librpc/ndr: Format NDR pull sizes as ‘size_t’
The arguments to these macros are occasionally of type size_t.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:36 +00:00
Joseph Sutton
ee6ef91f9c ndr/dns-utils: Make error message slightly more readable
max_length will always be greater than one, so we can use the plural.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:36 +00:00
Joseph Sutton
872164137c ndr_string: Remove dodgy-looking casts
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:36 +00:00
Joseph Sutton
dd53e0524f ndr_string: Fix typo
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:36 +00:00
Joseph Sutton
2a2604bfb3 ndr_string: Add overflow check in ndr_pull_charset_to_null()
This matches ndr_pull_charset().

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:36 +00:00
Joseph Sutton
448ed84c36 librpc/ndr: Remove unneeded casts
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:36 +00:00
Andrew Bartlett
e36a4149d8 librpc/idl: Remove DCOM and WMI IDL
As hinted in f2416493c0 the DCOM and WMI
IDL is now unused.  These generate code with PIDL, costing a small
amount of build time but more importantly are fuzzed, which costs an
ongoing amount of CPU time as oss-fuzz tries to find parsing issues.

We do not need to continue this waste, and these can be restored
if this effort is ever to start again.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-07-28 10:48:32 +00:00
Joseph Sutton
47b6696dcd librpc:ndr: Fix overflow in ndr_push_expand
If ‘size’ was equal to UINT32_MAX, the expression ‘size+1’ could
overflow to zero.

This could result in inadequate memory being allocated, which could
cause ndr_pull_compression_xpress_huff_raw_chunk() to overflow memory
with zero bytes.

Credit to OSS-Fuzz.

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57728

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15415

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-07-07 00:17:31 +00:00
Andreas Schneider
4ec8ecce07 librpc:ndr: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-06-23 13:44:31 +00:00
Andrew Bartlett
963688b3a5 librpc: Always call ndr_push_compression_state_init() for compression
This allows the push routine to cache the chosen compression algorithm in
the struct ndr_compression_state in ndr->cstate and so, in claims, avoid
calling ndr_size_CLAIMS_SET_NDR() three times per compression (more in the
overall push).

As claims is now the primary use of the libndr compression code, this is
a reasonable tradeoff compared to the other callers who have more static
algorithm selections.

By removing the struct ndr_compression_state **state argument from
ndr_push_compression_state_init() we make clear that the ndr->cstate
belongs to this NDR context, and this context alone.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
2023-05-05 02:54:30 +00:00
Andrew Bartlett
ff2de50aa4 librpc: Fix talloc hierarchy for ndr_compression_state
The complexity of generic_mszip_free() is not needed, nor is a talloc
destructor required if the memory is correctly created in a tree.

Credit to OSS-Fuzz for showing the use-after-free

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57608

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15349

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
2023-05-05 02:54:30 +00:00
Joseph Sutton
a1e64e5737 libndr: Handle allocation failure
If a talloc function returns NULL, indicating failure, the failure could
be masked by the next talloc call allocating on the NULL context.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
2023-04-12 13:52:31 +00:00
Joseph Sutton
fd159aaa80 librpc/ndr: Add missing newlines to error messages
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
2023-04-12 13:52:31 +00:00
Joseph Sutton
f1174c6e0c librpc/ndr: Fix NULL pointer dereference
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15348

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-04-05 01:06:29 +00:00
Andrew Bartlett
2d2f68236e librpc/ndr: Use libndr compression for claims
This ensures our python layer and C layer (in the KDC, when implementated)
use the same compression logic and so allows us to test the production
compression via the IDL-generated interfaces.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-03-31 01:48:30 +00:00
Andrew Bartlett
c6981f6054 librpc/ndr: Make ndr_push_compression_state_free() a talloc destructor
This means that the generic_mszip_free() will still be called on failure.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-03-31 01:48:30 +00:00
Andrew Bartlett
327c84cf87 librpc/ndr: Implement lzxpress_huffman() compression in libndr for Kerberos Claims
Rather than just pick the next value we re-arrange compression values
in libndr to be memnonic to values in MS Windows ntifs.h

This helps avoid confusing developers who compare these
algorithms with local the MS Windows interface.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-03-31 01:48:30 +00:00
Andrew Bartlett
c85cadf195 librpc/ndr: Add a "NONE" compression format to libndr
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-03-31 01:48:30 +00:00
Andrew Bartlett
b95117dc56 libndr/ndr: Remove unused argument from ndr_push_compression_{start,end}()
Removing the unused arguments avoids thier value being calculated in the
PIDL generated code, which can be expensive.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-03-31 01:48:30 +00:00
Andrew Bartlett
8c58da347c libndr/ndr: Add NDR_COMPRESSION_INVALID
This will help make a mapping from wire-specified compression
algorithms to our available choices safer by allowing an invalid
choice to map to NDR_COMPRESSION_INVALID

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-03-31 01:48:30 +00:00
Andrew Bartlett
937bf4b836 librpc/ndr: Unimplement DRSUAPI_COMPRESSION_TYPE_XPRESS and rename
DRSUAPI_COMPRESSION_TYPE_XPRESS is not MS-XCA nor is it implemented by
lzexpress_compress(), so disconnect from that algorithm.

This avoids someone fixing lzxpress_compress() to work for DRSUAPI
and breaking claims support.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-03-31 01:48:30 +00:00
Andrew Bartlett
1dedffab8b librpc/ndr: Remove incorrect comment that ndr_compression.h is autogenerated
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-03-31 01:48:30 +00:00
Joseph Sutton
349c5794d3 librpc/ndr: Fix incorrect error string in SID parser
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2022-10-21 03:57:33 +00:00
Volker Lendecke
9d432f3c1a librpc: Simplify ndr_size_dom_sid28()
Don't duplicate the calculation

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-09-07 18:40:28 +00:00
Volker Lendecke
2ae7ad97ab librpc: Simplify ndr_size_dom_sid28()
all_zero() treats a NULL pointer as true.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-09-07 18:40:28 +00:00
Pavel Filipenský
7b9f87b877 librpc:ndr: Update ndr_print_debug() and add macro NDR_PRINT_DEBUG_LEVEL
Bumping the ABI to 3.0.0

This is enhancement of NDR_PRINT_DEBUG macro with following new features:

* debug level can be specified (NDR_PRINT_DEBUG always uses level 1)
* the trace header shows the location and function of the caller
  instead of function 'ndr_print_debug', which is not really useful.

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
2022-07-15 14:25:37 +00:00
Stefan Metzmacher
43648e95a5 librpc/ndr: let ndr_push_string() let s_len == 0 result in d_len = 0
convert_string_talloc_handle() tries to play an the safe side
and always returns a null terminated array.

But for NDR we need to be correct on the wire...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14956

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2022-01-24 15:25:36 +00:00
Andrew Bartlett
558f440f20 CVE-2020-25721 krb5pac: Add new buffers for samAccountName and objectSID
These appear when PAC_UPN_DNS_FLAG_HAS_SAM_NAME_AND_SID is set.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14835

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
2021-11-09 19:45:32 +00:00
Volker Lendecke
9857c56256 librpc: Simplify GUID_hexstring()
A temporary talloc context seems unnecessary to me.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-08-24 17:32:28 +00:00
Volker Lendecke
0cddd3f2d6 librpc: Simplify GUID_string2() by using GUID_buf_string()
Avoid unnecessary talloc

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-08-24 17:32:28 +00:00
Volker Lendecke
5e2ac224b7 librpc: Simplify GUID_zero() with a direct struct return
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-08-24 17:32:28 +00:00