bug in wbcStringToSid

Jeremy Allison jra at samba.org
Thu Jul 17 16:15:55 GMT 2008


On Wed, Jul 16, 2008 at 08:12:05PM -0700, Herb Lewis wrote:
> In samba 3.2 the function wbcStringToSid has an error.
> We are calling strtol on the string to get the various
> parts of the sid (rev number, id_auth and sub_auths)
> however we test for the return value to be non-zero to
> indicate success. However this will not allow us to decode
> a SID that has a zero in any field - for example the
> Everyone sid of S-1-1-0 or UID 0 sid of S-1-22-1-0.
>
> I don't know if there are any SIDs with 0 in any position
> but the subauths but we need to at least allow it there.
>
> The code has the following lines
>
>         while (sid->num_auths < WBC_MAXSUBAUTHS) {
>                 if ((x=(uint32_t)strtoul(p, &q, 10)) == 0)
>                         break;
>                 sid->sub_auths[sid->num_auths++] = x;
>
>                 if (q && ((*q!='-') || (*q=='\0')))
>                         break;
>                 p = q + 1;
>         }
>
>
> I think this needs to be changed to something like the
> following
>
>         while (sid->num_auths < WBC_MAXSUBAUTHS) {
>                 x=(uint32_t)strtoul(p, &q, 10);
>                 if (p == q)
>                         break;
>                 sid->sub_auths[sid->num_auths++] = x;
>
>                 if (q && ((*q!='-') || (*q=='\0')))
>                         break;
>                 p = q + 1;
>         }

Herb, do you want to make the changes and check
it into 3.2-test and 3.3 please ?

I'd do it but I'm on a flight to the UK today.

Thanks,

Jeremy.


More information about the samba-technical mailing list