libcli:security:sddl: accept only 8-4-4-4-12 GUIDs

author Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Tue, 25 Apr 2023 22:24:25 +0000 (10:24 +1200)

committer Andrew Bartlett <abartlet@samba.org>

Fri, 28 Apr 2023 02:15:36 +0000 (02:15 +0000)
author Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Tue, 25 Apr 2023 22:24:25 +0000 (10:24 +1200)
committer Andrew Bartlett <abartlet@samba.org>
Fri, 28 Apr 2023 02:15:36 +0000 (02:15 +0000)
diff --git a/libcli/security/sddl.c b/libcli/security/sddl.c

index 8e67f90bf865188a7965b74b612d93673b12aeaf..74e0f0dccae0188c1cdddd3c6de14808b1c7726d 100644 (file)
--- a/libcli/security/sddl.c
+++ b/libcli/security/sddl.c
@@ -25,6 +25,8 @@
  #include "librpc/gen_ndr/ndr_misc.h"
  #include "lib/util/smb_strtox.h"
  #include "system/locale.h"
+#include "lib/util/util_str_hex.h"
+
  
  struct sddl_transition_state {
         const struct dom_sid *machine_sid;
@@ -417,6 +419,16 @@ static bool sddl_decode_access(const char *str, uint32_t *pmask)
         return true;
  }
  
+
+static bool sddl_decode_guid(const char *str, struct GUID *guid)
+{
+        if (strlen(str) != 36) {
+                return false;
+        }
+        return parse_guid_string(str, guid);
+}
+
+
  /*
    decode an ACE
    return true on success, false on failure
@@ -472,9 +484,8 @@ static bool sddl_decode_ace(TALLOC_CTX *mem_ctx, struct security_ace *ace, char
  
         /* object */
         if (tok[3][0] != 0) {
-               NTSTATUS status = GUID_from_string(tok[3],
-                                                  &ace->object.object.type.type);
-               if (!NT_STATUS_IS_OK(status)) {
+               ok = sddl_decode_guid(tok[3], &ace->object.object.type.type);
+               if (!ok) {
                         return false;
                 }
                 ace->object.object.flags |= SEC_ACE_OBJECT_TYPE_PRESENT;
@@ -482,9 +493,9 @@ static bool sddl_decode_ace(TALLOC_CTX *mem_ctx, struct security_ace *ace, char
  
         /* inherit object */
         if (tok[4][0] != 0) {
-               NTSTATUS status = GUID_from_string(tok[4],
-                                                  &ace->object.object.inherited_type.inherited_type);
-               if (!NT_STATUS_IS_OK(status)) {
+               ok = sddl_decode_guid(tok[4],
+                                     &ace->object.object.inherited_type.inherited_type);
+               if (!ok) {
                         return false;
                 }
                 ace->object.object.flags |= SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT;
diff --git a/selftest/knownfail.d/sddl b/selftest/knownfail.d/sddl

index 44c018ac8d733e363662300430e922fe31d9f009..3c33617e793cc269ba76bf1673cbca6157d86eea 100644 (file)
--- a/selftest/knownfail.d/sddl
+++ b/selftest/knownfail.d/sddl
@@ -1,6 +1,3 @@
-^samba.tests.sddl.+.SddlShouldFail.test_sddl_should_fail_D:.A;;GA;;0123456789abcdef0123456789abcdef;WD..none
-^samba.tests.sddl.+.SddlShouldFail.test_sddl_should_fail_D:.A;;GA;;0123456789abcdef;WD..none
-^samba.tests.sddl.+.SddlShouldFail.test_sddl_should_fail_D:.A;;GA;;{f30e3bbf-9ff0-11d1-b603-0000f80367c1};WD..none
  ^samba.tests.sddl.+.SddlWindowsFlagsAreDifferent.test_sddl_D:.A;;0x001f01ff;;;WD..A;;0x001f01ff;;;S-1-5-21-11111111-22222222-33333333-1001..A;;0x001f01ff;;;S-1.11522-more-characters.none
  ^samba.tests.sddl.+.SddlWindowsFlagsAreDifferent.test_sddl_D:.A;;FA;;;WD..none
  ^samba.tests.sddl.+.SddlWindowsFlagsAreDifferent.test_sddl_O:S-1-5-21-2212615479-2695158682-2101375468-512G:S-1-5-21-2212615479-2695158682-2101375468-513D:P.A;.482-more-characters.none
author	Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
	Tue, 25 Apr 2023 22:24:25 +0000 (10:24 +1200)
committer	Andrew Bartlett <abartlet@samba.org>
	Fri, 28 Apr 2023 02:15:36 +0000 (02:15 +0000)
libcli/security/sddl.c		patch \| blob \| history
selftest/knownfail.d/sddl		patch \| blob \| history