[PATCH] Introduce dom_sid_str_buf
Jeremy Allison
jra at samba.org
Fri Nov 2 16:02:56 UTC 2018
On Fri, Nov 02, 2018 at 11:47:16AM +0100, Volker Lendecke wrote:
> On Thu, Nov 01, 2018 at 10:23:44AM -0700, Jeremy Allison wrote:
> > For the second patch:
> >
> > + ret = dom_sid_string_buf(sid, dst->buf, sizeof(dst->buf));
> > + if ((ret < 0) > (ret >= sizeof(dst->buf))) {
> >
> > the error check doesn't look right to me. Shouldn't it be:
> >
> > + if ((ret < 0) || (ret >= sizeof(dst->buf))) {
>
> ... how much can go wrong in a patch?... This is brown-paper-bag
> quality :-)
>
> Attached.
LGTM :-). Pushed (with the additional squash). Thanks !
Jeremy.
> --
> SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
> phone: +49-551-370000-0, fax: +49-551-370000-9
> AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
> http://www.sernet.de, mailto:kontakt at sernet.de
> From 96e5899d5616079a8c353a1ba4fc384aba6fb0d1 Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Thu, 1 Nov 2018 11:11:17 +0100
> Subject: [PATCH 1/2] lib: Add error checks in dom_sid_string_buf
>
> Also, avoid casts by using PRIxxx macros
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> libcli/security/dom_sid.c | 30 ++++++++++++++++++++++--------
> 1 file changed, 22 insertions(+), 8 deletions(-)
>
> diff --git a/libcli/security/dom_sid.c b/libcli/security/dom_sid.c
> index b876fc8b780..f0d5afc21b0 100644
> --- a/libcli/security/dom_sid.c
> +++ b/libcli/security/dom_sid.c
> @@ -431,7 +431,7 @@ bool dom_sid_is_valid_account_domain(const struct dom_sid *sid)
> */
> int dom_sid_string_buf(const struct dom_sid *sid, char *buf, int buflen)
> {
> - int i, ofs;
> + int i, ofs, ret;
> uint64_t ia;
>
> if (!sid) {
> @@ -445,18 +445,32 @@ int dom_sid_string_buf(const struct dom_sid *sid, char *buf, int buflen)
> ((uint64_t)sid->id_auth[1] << 32) +
> ((uint64_t)sid->id_auth[0] << 40);
>
> - ofs = snprintf(buf, buflen, "S-%hhu-", (unsigned char)sid->sid_rev_num);
> + ret = snprintf(buf, buflen, "S-%"PRIu8"-", sid->sid_rev_num);
> + if (ret < 0) {
> + return ret;
> + }
> + ofs = ret;
> +
> if (ia >= UINT32_MAX) {
> - ofs += snprintf(buf + ofs, MAX(buflen - ofs, 0), "0x%llx",
> - (unsigned long long)ia);
> + ret = snprintf(buf+ofs, MAX(buflen-ofs, 0), "0x%"PRIx64, ia);
> } else {
> - ofs += snprintf(buf + ofs, MAX(buflen - ofs, 0), "%llu",
> - (unsigned long long)ia);
> + ret = snprintf(buf+ofs, MAX(buflen-ofs, 0), "%"PRIu64, ia);
> }
> + if (ret < 0) {
> + return ret;
> + }
> + ofs += ret;
>
> for (i = 0; i < sid->num_auths; i++) {
> - ofs += snprintf(buf + ofs, MAX(buflen - ofs, 0), "-%u",
> - (unsigned int)sid->sub_auths[i]);
> + ret = snprintf(
> + buf+ofs,
> + MAX(buflen-ofs, 0),
> + "-%"PRIu32,
> + sid->sub_auths[i]);
> + if (ret < 0) {
> + return ret;
> + }
> + ofs += ret;
> }
> return ofs;
> }
> --
> 2.11.0
>
>
> From 2c244681d1184fea5eca90bda6e0a19823368bdc Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Thu, 18 Oct 2018 05:46:37 +0200
> Subject: [PATCH 2/2] lib: Add dom_sid_str_buf
>
> This is modeled after server_id_str_buf, which as an API to me is easier to
> use: I can rely on the compiler to get the buffer size right.
>
> It is designed to violate README.Coding's "Make use of helper variables", but
> as this API is simple enough and the output should never be a surprise at all,
> I think that's worth it.
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> libcli/security/dom_sid.c | 10 ++++++++++
> libcli/security/dom_sid.h | 2 ++
> 2 files changed, 12 insertions(+)
>
> diff --git a/libcli/security/dom_sid.c b/libcli/security/dom_sid.c
> index f0d5afc21b0..7a67d85e6e4 100644
> --- a/libcli/security/dom_sid.c
> +++ b/libcli/security/dom_sid.c
> @@ -505,3 +505,13 @@ char *dom_sid_string(TALLOC_CTX *mem_ctx, const struct dom_sid *sid)
> talloc_set_name_const(result, result);
> return result;
> }
> +
> +char *dom_sid_str_buf(const struct dom_sid *sid, struct dom_sid_buf *dst)
> +{
> + int ret;
> + ret = dom_sid_string_buf(sid, dst->buf, sizeof(dst->buf));
> + if ((ret < 0) || (ret >= sizeof(dst->buf))) {
> + strlcpy(dst->buf, "(INVALID SID)", sizeof(dst->buf));
> + }
> + return dst->buf;
> +}
> diff --git a/libcli/security/dom_sid.h b/libcli/security/dom_sid.h
> index d9f4b3fc8a6..d132628da9f 100644
> --- a/libcli/security/dom_sid.h
> +++ b/libcli/security/dom_sid.h
> @@ -102,6 +102,8 @@ bool dom_sid_is_valid_account_domain(const struct dom_sid *sid);
> int dom_sid_string_buf(const struct dom_sid *sid, char *buf, int buflen);
> char *dom_sid_string(TALLOC_CTX *mem_ctx, const struct dom_sid *sid);
>
> +struct dom_sid_buf { char buf[DOM_SID_STR_BUFLEN]; };
> +char *dom_sid_str_buf(const struct dom_sid *sid, struct dom_sid_buf *dst);
>
> const char *sid_type_lookup(uint32_t sid_type);
> const struct security_token *get_system_token(void);
> --
> 2.11.0
>
More information about the samba-technical
mailing list