[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Fri Nov 2 19:12:03 UTC 2018
The branch, master has been updated
via 8b9d362 lib: Add dom_sid_str_buf
via 831ee63 lib: Add error checks in dom_sid_string_buf
from 537a26d tests/py/rodc_rwdc: Fix py2/py3 .next compat issues
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 8b9d36221930a487ca5c51bf2e38ed04de9d50f7
Author: Volker Lendecke <vl at samba.org>
Date: Thu Oct 18 05:46:37 2018 +0200
lib: Add dom_sid_str_buf
This is modeled after server_id_str_buf, which as an API to me is easier to
use: I can rely on the compiler to get the buffer size right.
It is designed to violate README.Coding's "Make use of helper variables", but
as this API is simple enough and the output should never be a surprise at all,
I think that's worth it.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Nov 2 20:11:11 CET 2018 on sn-devel-144
commit 831ee63f54959168cf34f12d4590102f40448cc5
Author: Volker Lendecke <vl at samba.org>
Date: Thu Nov 1 11:11:17 2018 +0100
lib: Add error checks in dom_sid_string_buf
Also, avoid casts by using PRIxxx macros
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
libcli/security/dom_sid.c | 42 +++++++++++++++++++++++++++++++++---------
libcli/security/dom_sid.h | 2 ++
source4/auth/sam.c | 2 +-
3 files changed, 36 insertions(+), 10 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/security/dom_sid.c b/libcli/security/dom_sid.c
index b876fc8..97f719f 100644
--- a/libcli/security/dom_sid.c
+++ b/libcli/security/dom_sid.c
@@ -431,7 +431,7 @@ bool dom_sid_is_valid_account_domain(const struct dom_sid *sid)
*/
int dom_sid_string_buf(const struct dom_sid *sid, char *buf, int buflen)
{
- int i, ofs;
+ int i, ofs, ret;
uint64_t ia;
if (!sid) {
@@ -445,18 +445,32 @@ int dom_sid_string_buf(const struct dom_sid *sid, char *buf, int buflen)
((uint64_t)sid->id_auth[1] << 32) +
((uint64_t)sid->id_auth[0] << 40);
- ofs = snprintf(buf, buflen, "S-%hhu-", (unsigned char)sid->sid_rev_num);
+ ret = snprintf(buf, buflen, "S-%"PRIu8"-", sid->sid_rev_num);
+ if (ret < 0) {
+ return ret;
+ }
+ ofs = ret;
+
if (ia >= UINT32_MAX) {
- ofs += snprintf(buf + ofs, MAX(buflen - ofs, 0), "0x%llx",
- (unsigned long long)ia);
+ ret = snprintf(buf+ofs, MAX(buflen-ofs, 0), "0x%"PRIx64, ia);
} else {
- ofs += snprintf(buf + ofs, MAX(buflen - ofs, 0), "%llu",
- (unsigned long long)ia);
+ ret = snprintf(buf+ofs, MAX(buflen-ofs, 0), "%"PRIu64, ia);
}
+ if (ret < 0) {
+ return ret;
+ }
+ ofs += ret;
for (i = 0; i < sid->num_auths; i++) {
- ofs += snprintf(buf + ofs, MAX(buflen - ofs, 0), "-%u",
- (unsigned int)sid->sub_auths[i]);
+ ret = snprintf(
+ buf+ofs,
+ MAX(buflen-ofs, 0),
+ "-%"PRIu32,
+ sid->sub_auths[i]);
+ if (ret < 0) {
+ return ret;
+ }
+ ofs += ret;
}
return ofs;
}
@@ -472,7 +486,7 @@ char *dom_sid_string(TALLOC_CTX *mem_ctx, const struct dom_sid *sid)
len = dom_sid_string_buf(sid, buf, sizeof(buf));
- if (len+1 > sizeof(buf)) {
+ if ((len < 0) || (len+1 > sizeof(buf))) {
return talloc_strdup(mem_ctx, "(SID ERR)");
}
@@ -491,3 +505,13 @@ char *dom_sid_string(TALLOC_CTX *mem_ctx, const struct dom_sid *sid)
talloc_set_name_const(result, result);
return result;
}
+
+char *dom_sid_str_buf(const struct dom_sid *sid, struct dom_sid_buf *dst)
+{
+ int ret;
+ ret = dom_sid_string_buf(sid, dst->buf, sizeof(dst->buf));
+ if ((ret < 0) || (ret >= sizeof(dst->buf))) {
+ strlcpy(dst->buf, "(INVALID SID)", sizeof(dst->buf));
+ }
+ return dst->buf;
+}
diff --git a/libcli/security/dom_sid.h b/libcli/security/dom_sid.h
index d9f4b3f..d132628 100644
--- a/libcli/security/dom_sid.h
+++ b/libcli/security/dom_sid.h
@@ -102,6 +102,8 @@ bool dom_sid_is_valid_account_domain(const struct dom_sid *sid);
int dom_sid_string_buf(const struct dom_sid *sid, char *buf, int buflen);
char *dom_sid_string(TALLOC_CTX *mem_ctx, const struct dom_sid *sid);
+struct dom_sid_buf { char buf[DOM_SID_STR_BUFLEN]; };
+char *dom_sid_str_buf(const struct dom_sid *sid, struct dom_sid_buf *dst);
const char *sid_type_lookup(uint32_t sid_type);
const struct security_token *get_system_token(void);
diff --git a/source4/auth/sam.c b/source4/auth/sam.c
index 07cfbd0..bc95de2 100644
--- a/source4/auth/sam.c
+++ b/source4/auth/sam.c
@@ -638,7 +638,7 @@ _PUBLIC_ NTSTATUS authsam_update_user_info_dc(TALLOC_CTX *mem_ctx,
int len;
len = dom_sid_string_buf(sid, sid_buf, sizeof(sid_buf));
- if (len+1 > sizeof(sid_buf)) {
+ if ((len < 0) || (len+1 > sizeof(sid_buf))) {
return NT_STATUS_INVALID_SID;
}
snprintf(dn_str, sizeof(dn_str), "<SID=%s>", sid_buf);
--
Samba Shared Repository
More information about the samba-cvs
mailing list