libcli/sec/sddl decode: don't ignore random junk.

author Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Thu, 16 Mar 2023 02:44:11 +0000 (15:44 +1300)

committer Andrew Bartlett <abartlet@samba.org>

Fri, 28 Apr 2023 02:15:36 +0000 (02:15 +0000)
author Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Thu, 16 Mar 2023 02:44:11 +0000 (15:44 +1300)
committer Andrew Bartlett <abartlet@samba.org>
Fri, 28 Apr 2023 02:15:36 +0000 (02:15 +0000)
diff --git a/libcli/security/sddl.c b/libcli/security/sddl.c

index 508ac3e566636727ec70a65fd4364f2ae5596f37..3b2cdfae17a69edb3601734e5e01690fdbe95fa0 100644 (file)
--- a/libcli/security/sddl.c
+++ b/libcli/security/sddl.c
@@ -524,6 +524,8 @@ struct security_descriptor *sddl_decode(TALLOC_CTX *mem_ctx, const char *sddl,
                         sd->group_sid = sddl_decode_sid(sd, &sddl, &state);
                         if (sd->group_sid == NULL) goto failed;
                         break;
+               default:
+                       goto failed;
                 }
         }
  
diff --git a/selftest/knownfail.d/sddl b/selftest/knownfail.d/sddl

new file mode 100644 (file)

index 0000000..e69de29
author	Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
	Thu, 16 Mar 2023 02:44:11 +0000 (15:44 +1300)
committer	Andrew Bartlett <abartlet@samba.org>
	Fri, 28 Apr 2023 02:15:36 +0000 (02:15 +0000)
libcli/security/sddl.c		patch \| blob \| blame \| history
selftest/knownfail.d/sddl	[new file with mode: 0644]	patch \| blob