git.samba.org
/
ira
/
wip.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
f1c889a
)
libcli/security: Prohibit SID formats like S-1-5-32-+545
author
Volker Lendecke
<vl@samba.org>
Sat, 23 Jan 2010 13:53:54 +0000
(14:53 +0100)
committer
Volker Lendecke
<vl@samba.org>
Sat, 23 Jan 2010 15:28:11 +0000
(16:28 +0100)
libcli/security/dom_sid.c
patch
|
blob
|
history
diff --git
a/libcli/security/dom_sid.c
b/libcli/security/dom_sid.c
index 6a046cd8061b5142f05d32c56fa69599abe777e1..8a2ed1fccc9862d4dbc93f589de9aa39243a98d6 100644
(file)
--- a/
libcli/security/dom_sid.c
+++ b/
libcli/security/dom_sid.c
@@
-96,12
+96,20
@@
bool dom_sid_parse(const char *sidstr, struct dom_sid *ret)
sidstr += 2;
+ if (!isdigit(sidstr[0])) {
+ return false;
+ }
+
rev = strtoul(sidstr, &p, 10);
if (*p != '-') {
return false;
}
sidstr = p+1;
+ if (!isdigit(sidstr[0])) {
+ return false;
+ }
+
ia = strtoul(sidstr, &p, 10);
if (p == sidstr) {
return false;
@@
-131,6
+139,11
@@
bool dom_sid_parse(const char *sidstr, struct dom_sid *ret)
return false;
}
sidstr++;
+
+ if (!isdigit(sidstr[0])) {
+ return false;
+ }
+
ret->sub_auths[i] = strtoul(sidstr, &p, 10);
if (p == sidstr) {
return false;