ntacl and upgradeprovision patches

Sun Jan 17 16:05:54 MST 2010

Hi Matthieu,

On Sun, 2010-01-17 at 23:15 +0300, Matthieu Patou wrote:
> So I found the reason of the problem on x64:
> I did in my python binding as in generated python binding that is to say 
> parsing a blob a string that might contains null ie.
> in py_security.c:
> 
> static PyObject *py_dom_sid_ndr_unpack(PyObject *py_obj, PyObject *args)
> {
>    struct dom_sid *object = (struct dom_sid *)py_talloc_get_ptr(py_obj);
>    DATA_BLOB blob;
>    enum ndr_err_code err;
>    if (!PyArg_ParseTuple(args, "s#:__ndr_unpack__", &blob.data, 
> &blob.length))
>      return NULL;
> ...
> 
> It works great in 32 bits because blob.length has a size of 4 bytes and 
> an int also ! but in 64 bits it don't as blob.length is a size_t value 
> with in this case 8 bytes length. So in some case the 4 upper bytes can 
> contains non null bytes which leads the C to error because it thinks 
> that the size of the blob is HUGE.
> 
> I fixed my binding by forcing the blob.length to 0 before calling 
> PyArg_ParseTuple. This obviously works only for blobs smaller than 2G 
> (because it's not clear if the int is signed or not), which might be 
> enough for a few days !
It seems to me like the best way to deal with this is to store the
string size in a separate variable that has int as its type and then
assigning blob.length to that variable.

Have you tried that?

Cheers,

Jelmer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20100118/7893790e/attachment.pgp>