From: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Date: Fri, 24 Mar 2023 03:18:44 +0000 (+1300)
Subject: libcli/security: ace type is not enum not flags
X-Git-Tag: talloc-2.4.1~830
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=251da186bf4cf184ec0561ae404cfd5f08b0ae65;p=thirdparty%2Fsamba.git

libcli/security: ace type is not enum not flags

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---

diff --git a/libcli/security/sddl.c b/libcli/security/sddl.c
index 6e4cb1085e8..93ff97abe21 100644
--- a/libcli/security/sddl.c
+++ b/libcli/security/sddl.c
@@ -404,6 +404,7 @@ static bool sddl_decode_ace(TALLOC_CTX *mem_ctx, struct security_ace *ace, char
 	uint32_t v;
 	struct dom_sid *sid;
 	bool ok;
+	size_t len;
 
 	ZERO_STRUCTP(ace);
 
@@ -418,9 +419,16 @@ static bool sddl_decode_ace(TALLOC_CTX *mem_ctx, struct security_ace *ace, char
 	}
 
 	/* parse ace type */
-	if (!sddl_map_flags(ace_types, tok[0], &v, NULL, false)) {
+	ok = sddl_map_flag(ace_types, tok[0], &len, &v);
+	if (!ok) {
+		DBG_WARNING("Unknown ACE type - %s\n", tok[0]);
 		return false;
 	}
+	if (tok[0][len] != '\0') {
+		DBG_WARNING("Garbage after ACE type - %s\n", tok[0]);
+		return false;
+	}
+
 	ace->type = v;
 
 	/* ace flags */