s4:kdc: Check for overflow when adding a domain group SID

author Joseph Sutton <josephsutton@catalyst.net.nz>

Mon, 4 Sep 2023 22:32:26 +0000 (10:32 +1200)

committer Andrew Bartlett <abartlet@samba.org>

Thu, 14 Sep 2023 21:35:29 +0000 (21:35 +0000)
author Joseph Sutton <josephsutton@catalyst.net.nz>
Mon, 4 Sep 2023 22:32:26 +0000 (10:32 +1200)
committer Andrew Bartlett <abartlet@samba.org>
Thu, 14 Sep 2023 21:35:29 +0000 (21:35 +0000)
diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c

index dcef5da2f9a13770b0ddf814875db37611260161..8b6d4639cf6fb45ae7144c9ef25963e9557b7d41 100644 (file)
--- a/source4/kdc/pac-glue.c
+++ b/source4/kdc/pac-glue.c
@@ -1727,6 +1727,10 @@ static krb5_error_code samba_kdc_add_domain_group_sid(struct PAC_DEVICE_INFO *in
         }
  
         if (domain_group == NULL) {
+               if (info->domain_group_count == UINT32_MAX) {
+                       return EINVAL;
+               }
+
                 info->domain_groups = talloc_realloc(
                         info,
                         info->domain_groups,
@@ -1761,6 +1765,10 @@ static krb5_error_code samba_kdc_add_domain_group_sid(struct PAC_DEVICE_INFO *in
                 }
         }
  
+       if (domain_group->groups.count == UINT32_MAX) {
+               return EINVAL;
+       }
+
         domain_group->groups.rids = talloc_realloc(info->domain_groups,
                                                    domain_group->groups.rids,
                                                    struct samr_RidWithAttribute,
author	Joseph Sutton <josephsutton@catalyst.net.nz>
	Mon, 4 Sep 2023 22:32:26 +0000 (10:32 +1200)
committer	Andrew Bartlett <abartlet@samba.org>
	Thu, 14 Sep 2023 21:35:29 +0000 (21:35 +0000)