1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
samba-mirror/libcli/security
Douglas Bagnall c0d477738e libcli:security:sddl: accept only 8-4-4-4-12 GUIDs
Before we would take strings in a variety of lengths and formats,
which is not what Windows does or [MS-DTYP] says.

This was found by looking at evolved fuzz seeds. Note the 16 and 32
byte sequences in GUID position below:

$ hd $(ls -t seeds/fuzz_sddl_parse/* | head -1)| head
00000000  44 3a 41 52 50 50 50 50  50 28 4f 4c 3b 3b 46 57  |D:ARPPPPP(OL;;FW|
00000010  3b 30 7e ff ff ff ff ff  ff ff 2d 31 38 f5 ff ff  |;0~.......-18...|
00000020  fb 3b 3b 52 43 29 28 4f  44 3b 3b 46 57 3b 3b 3b  |.;;RC)(OD;;FW;;;|
00000030  52 43 29 28 4f 44 3b 3b  46 57 3b 30 30 ff ff ff  |RC)(OD;;FW;00...|
00000040  fb 30 e9 9b 3c cf e6 f5  ff ff fb 3b 3b 52 43 29  |.0..<......;;RC)|
00000050  28 4f 44 3b 3b 46 57 43  52 3b 3b 3b 52 43 29 28  |(OD;;FWCR;;;RC)(|
00000060  4f 44 3b 3b 46 58 47 52  3b 3b 33 43 43 35 38 37  |OD;;FXGR;;3CC587|
00000070  32 35 44 44 44 44 44 44  44 44 44 44 44 44 44 44  |25DDDDDDDDDDDDDD|
00000080  44 44 44 44 44 44 44 44  44 44 3b 52 43 29 28 4f  |DDDDDDDDDD;RC)(O|
00000090  44 3b 3b 46 58 3b 3b 3b  52 43 29 28 4f 44 3b 3b  |D;;FX;;;RC)(OD;;|

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-04-28 02:15:36 +00:00
..
tests libcli/security: SDDL parse tests to run on Windows 2023-04-28 02:15:36 +00:00
access_check.c libcli:security: Fix code spelling 2023-04-27 14:25:38 +00:00
access_check.h CVE-2023-0614 libcli/security: Make some parameters const 2023-04-05 02:10:34 +00:00
create_descriptor.c libcli:security: Fix code spelling 2023-04-27 14:25:38 +00:00
display_sec.c libcli/security: Avoid includes.h 2023-03-09 18:10:33 +00:00
display_sec.h
dom_sid.c libcli/security/dom_sid: use (unsigned char) in isdigit() 2023-04-28 02:15:36 +00:00
dom_sid.h libcli/security: Add dom_sid_has_account_domain() to confirm a S-1-5-21 prefix 2023-03-31 08:29:32 +00:00
object_tree.c libcli:security: Fix code spelling 2023-04-27 14:25:38 +00:00
privileges_private.h
privileges.c libcli:security: Fix code spelling 2023-04-27 14:25:38 +00:00
privileges.h libcli:security: Fix code spelling 2023-04-27 14:25:38 +00:00
pysecurity.c Fix clang 9 missing-field-initializer warnings 2020-05-08 09:31:31 +00:00
sddl.c libcli:security:sddl: accept only 8-4-4-4-12 GUIDs 2023-04-28 02:15:36 +00:00
sddl.h libcli security/sddl: Make sddl_encode_ace visible 2022-09-27 16:46:35 +00:00
secace.c libcli/security: Avoid includes.h 2023-03-09 18:10:33 +00:00
secace.h lib: Remove some unused code 2015-08-14 07:46:12 +02:00
secacl.c libcli/security: Avoid includes.h 2023-03-09 18:10:33 +00:00
secacl.h libcli: make_sec_acl() copies the ace_list, make that const 2021-01-22 19:54:38 +00:00
secdesc.c lib: Remove a talloc_stackframe() 2023-03-09 18:10:33 +00:00
secdesc.h libcli/security: Remove unused dup_sec_desc_buf() 2019-05-22 05:59:14 +00:00
security_descriptor.c libcli:security: Fix code spelling 2023-04-27 14:25:38 +00:00
security_descriptor.h libcli/security: add security_descriptor_[s|d]acl_insert() helpers 2023-03-22 15:01:32 +00:00
security_token.c libcli/security: Avoid includes.h 2023-03-09 18:10:33 +00:00
security_token.h lib: librpc/gen_ndr/security.h needs DATA_BLOB 2023-03-09 18:10:33 +00:00
security.h libcli:security: Fix code spelling 2023-04-27 14:25:38 +00:00
session.c libcli/security: Avoid includes.h 2023-03-09 18:10:33 +00:00
session.h libcli/security: implement SECURITY_GUEST 2016-04-28 16:51:17 +02:00
util_sid.c libcli:security: Fix code spelling 2023-04-27 14:25:38 +00:00
wscript_build build: Remove bld.gen_python_environments() 2019-03-21 04:06:14 +00:00