s4:dsdb/schema: add dsdb_syntax_INT32_validate_ldb()
Stefan (metze) Metzmacher
metze at samba.org
Wed Jan 13 18:08:05 MST 2010
tridge at samba.org schrieb:
> Hi Metze,
>
> Thanks for all of the great work you've been doing on ldb validation!
>
> Some comments on ece3defd15246f232acaf0c2c29b66da2924438a
>
> You use:
>
> char buf[sizeof("-2147483648")];
>
> and this test:
>
> if (in->values[i].length >= sizeof(buf)) {
> return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
> }
>
> That will fail if someone passes in a an integer of maximum size with
> a nul termination byte. I think you should either add a +1 to the
> sizeof(), or you could specifically check for nul termination (eg. use
> strnlen(in->values[i].data, in->values[i].length) as the length to
> test against).
Does Windows allow an extra \0 byte?
If so we need to cononicalize the value before we store it.
A similar approach is needed when someone tries to set an
attribute with the NTTIME_UTC syntax (UTC Time) with a value
of NTTIME syntax (GeneralizedTime).
My aim was to make us as strict as possible first and then
demonstrate with tests that we need to be less strict.
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20100114/d6fd0012/attachment.pgp>
More information about the samba-technical
mailing list