s3-samr: refuse do process UserSetInfo with 0 fields_present.
authorGünther Deschner <gd@samba.org>
Fri, 28 Nov 2008 23:23:16 +0000 (00:23 +0100)
committerGünther Deschner <gd@samba.org>
Mon, 1 Dec 2008 23:52:11 +0000 (00:52 +0100)
Guenther

source3/rpc_server/srv_samr_nt.c

index 7cc4b2c19287e5cc78a35172b341140be3327329..7baab1c86f6919bc5282a37ce4d8994909b56caa 100644 (file)
@@ -3891,6 +3891,10 @@ static NTSTATUS set_user_info_21(TALLOC_CTX *mem_ctx,
                return NT_STATUS_INVALID_PARAMETER;
        }
 
                return NT_STATUS_INVALID_PARAMETER;
        }
 
+       if (id21->fields_present == 0) {
+               return NT_STATUS_INVALID_PARAMETER;
+       }
+
        if (id21->fields_present & SAMR_FIELD_LAST_PWD_CHANGE) {
                return NT_STATUS_ACCESS_DENIED;
        }
        if (id21->fields_present & SAMR_FIELD_LAST_PWD_CHANGE) {
                return NT_STATUS_ACCESS_DENIED;
        }
@@ -3974,6 +3978,10 @@ static NTSTATUS set_user_info_23(TALLOC_CTX *mem_ctx,
                return NT_STATUS_INVALID_PARAMETER;
        }
 
                return NT_STATUS_INVALID_PARAMETER;
        }
 
+       if (id23->info.fields_present == 0) {
+               return NT_STATUS_INVALID_PARAMETER;
+       }
+
        if (id23->info.fields_present & SAMR_FIELD_LAST_PWD_CHANGE) {
                return NT_STATUS_ACCESS_DENIED;
        }
        if (id23->info.fields_present & SAMR_FIELD_LAST_PWD_CHANGE) {
                return NT_STATUS_ACCESS_DENIED;
        }
@@ -4142,6 +4150,10 @@ static NTSTATUS set_user_info_25(TALLOC_CTX *mem_ctx,
                return NT_STATUS_INVALID_PARAMETER;
        }
 
                return NT_STATUS_INVALID_PARAMETER;
        }
 
+       if (id25->info.fields_present == 0) {
+               return NT_STATUS_INVALID_PARAMETER;
+       }
+
        if (id25->info.fields_present & SAMR_FIELD_LAST_PWD_CHANGE) {
                return NT_STATUS_ACCESS_DENIED;
        }
        if (id25->info.fields_present & SAMR_FIELD_LAST_PWD_CHANGE) {
                return NT_STATUS_ACCESS_DENIED;
        }