the message offset is largely calculated using the differences
between pointers in many places scattered throughout the code.
If we got one of these wrong, we could easily have a SIZE_MAX-ish
offset, which would be unfortunate if we decided to display
the offset using spaces.
We can sanely limit the offset to the length of the SDDL.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* offset at least provides a clue.
*/
*msg_offset += sddl - start;
+
+ if (*msg_offset > strlen(sddl)) {
+ /*
+ * It's not that we *don't* trust our pointer difference
+ * arithmetic, just that we *shouldn't*. Let's render it
+ * harmless, before Python tries printing 18 quadrillion
+ * spaces.
+ */
+ DBG_WARNING("sddl error message offset %zu is too big\n",
+ *msg_offset);
+ *msg_offset = 0;
+ }
DEBUG(2,("Badly formatted SDDL '%s'\n", sddl));
talloc_free(sd);
return NULL;
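Review bot: the bound in `if (*msg_offset > strlen(sddl))` is measured from the current `sddl` pointer, not from the start of the string, yet the line just above (`*msg_offset += sddl - start;`) shows `sddl` has been advanced past `start` by the time we get here. That makes `strlen(sddl)` the length of the unparsed tail rather than "the length of the SDDL" that the commit message promises, so a perfectly valid offset pointing near the end of a long descriptor (offset larger than the remaining tail) will be logged as "too big" and reset to 0, throwing away the clue the surrounding comment says the offset provides. If `start` is the beginning of the input, comparing against `strlen(start)` gives the intended limit; the DBG_WARNING and the reset to 0 can stay as they are. Minor: the DEBUG line below still prints `sddl`, so the "Badly formatted SDDL" message shows only the tail too, which may be worth aligning with whichever pointer the bound ends up using.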