author | Douglas Bagnall <douglas.bagnall@catalyst.net.nz> | 2023-04-21 15:47:32 +1200 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2023-04-28 02:15:36 +0000 |
commit | c67f2292cba7a2ee047b196e565cf97cd6900973 (patch) | |
tree | cbb0f7fcadc2d6e9bb7f25fabfb71fda70ecfa98 /libcli | |
parent | faf1b80a9003b883c77451beaec599777b400eb8 (diff) | |
download | samba-c67f2292cba7a2ee047b196e565cf97cd6900973.tar.gz |
libcli/security: sddl_decode_access rejects trailing rubbish
Before we just ignored things like negative numbers, because they'd
end up being seen as not-numbers, so treated as flags, then as
not-flags.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'libcli')
-rw-r--r-- | libcli/security/sddl.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/libcli/security/sddl.c b/libcli/security/sddl.c
index b115d893e72..a726c06ddaf 100644
--- a/libcli/security/sddl.c
+++ b/libcli/security/sddl.c
@@ -369,7 +369,11 @@ static bool sddl_decode_access(const char *str, uint32_t *pmask)
 * and the shortest 64-bit wrapping string is
 * 19 (for "0x1" + 16 zeros).
 */
- DBG_WARNING("Bad numeric flag value in %s\n", str0);
+ DBG_WARNING("Bad numeric flag value in '%s'\n", str0);
+ return false;
+ }
+ if (*end != '\0') {
+ DBG_WARNING("Bad characters in '%s'\n", str0);
 return false;
 }
 *pmask = numeric_mask;
@@ -393,7 +397,10 @@ static bool sddl_decode_access(const char *str, uint32_t *pmask)
 mask |= flags;
 str += len;
 }
-
+ if (*str != '\0') {
+ DBG_WARNING("Bad characters in '%s'\n", str0);
+ return false;
+ }
 *pmask = mask;
 return true;
 }
|
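Review bot: The warning added under the new `if (*end != '\0')` test uses the same text, `Bad characters in '%s'`, as the one added after the flag loop in the second hunk, so a log line does not say whether the numeric path or the flag path rejected the string. Wording them apart would help whoever triages a rejected descriptor, for example `DBG_WARNING("Trailing characters after numeric access mask in '%s'\n", str0);` here. The new test also has no comment, unlike the overflow check just above it; assuming `end` is where the numeric parse stopped (its assignment is outside the hunk), `/* the number did not consume the whole string */` would record why it exists. Both warnings print `str0` verbatim, and whether that string can come from a remote party is not visible here, so it is worth confirming that control characters cannot reach the log unescaped. The function body starts and ends outside this hunk.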
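Review bot: The reason for the `if (*str != '\0')` test after the flag loop is given only in the commit message; the code itself carries no comment, although before this change the same exit fell straight through to `*pmask = mask; return true;`. A short comment above the test would keep the reasoning with the code: `/* leftover input is neither a number nor a known flag (e.g. "-2"); fail instead of returning a partial mask */`. Since the function now succeeds only when the whole string is consumed, its header comment (outside this hunk, if there is one) is the place to state that callers must pass exactly one NUL-terminated access field.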