s4:dsdb/schema: add dsdb_syntax_INT32_validate_ldb()

Stefan (metze) Metzmacher metze at samba.org
Wed Jan 13 18:08:05 MST 2010

tridge at samba.org schrieb:
> Hi Metze,
> Thanks for all of the great work you've been doing on ldb validation!
> Some comments on ece3defd15246f232acaf0c2c29b66da2924438a
> You use:
>   char buf[sizeof("-2147483648")];
> and this test:
> 	if (in->values[i].length >= sizeof(buf)) {
> 	}
> That will fail if someone passes in a an integer of maximum size with
> a nul termination byte. I think you should either add a +1 to the
> sizeof(), or you could specifically check for nul termination (eg. use
> strnlen(in->values[i].data, in->values[i].length) as the length to
> test against).

Does Windows allow an extra \0 byte?

If so we need to cononicalize the value before we store it.
A similar approach is needed when someone tries to set an
attribute with the NTTIME_UTC syntax (UTC Time) with a value
of NTTIME syntax (GeneralizedTime).

My aim was to make us as strict as possible first and then
demonstrate with tests that we need to be less strict.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20100114/d6fd0012/attachment.pgp>

More information about the samba-technical mailing list