ndr: fix coda logic around in ndr_pull_security_ace()
authorDouglas Bagnall <douglas.bagnall@catalyst.net.nz>
Thu, 9 Jan 2025 03:14:05 +0000 (16:14 +1300)
committerVolker Lendecke <vl@samba.org>
Thu, 13 Feb 2025 15:15:40 +0000 (15:15 +0000)
commit67b09b481b06080d3f46878d60095f188ff18fb8
tree86a8941b45d073c7315926facd764ad38c6ce2de
parent455a0558c89312061f3b9ccaa577a4a60df7ee77
ndr: fix coda logic around in ndr_pull_security_ace()

Sometimes an access allowed object ACE has unneeded trailing bytes,
like this:

                      aces: struct security_ace
                          type                     : SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT (5)
                          flags                    : 0x00 (0)
                                 0: SEC_ACE_FLAG_OBJECT_INHERIT
                                 0: SEC_ACE_FLAG_CONTAINER_INHERIT
                                 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
                                 0: SEC_ACE_FLAG_INHERIT_ONLY
                                 0: SEC_ACE_FLAG_INHERITED_ACE
                              0x00: SEC_ACE_FLAG_VALID_INHERIT (0)
                                 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
                                 0: SEC_ACE_FLAG_FAILED_ACCESS
                          size                     : 0x0048 (72)
                          access_mask              : 0x00000100 (256)
                          object                   : union security_ace_object_ctr(case 1)
                          object: struct security_ace_object
                              flags                    : 0x00000001 (1)
                                     1: SEC_ACE_OBJECT_TYPE_PRESENT
                                     0: SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT
                              type                     : union security_ace_object_type(case 1)
                              type                     : edacfd8f-ffb3-11d1-b41d-00a0c968f939
                              inherited_type           : union security_ace_object_inherited_type(case 0)
                          trustee                  : S-1-3-0
                          coda                     : union security_ace_coda(case 5)
                          ignored                  : DATA_BLOB length=32
  [0000] 00 00 00 00 00 00 00 00   00 00 00 00 00 00 00 00   ........ ........
  [0010] 00 00 00 00 00 00 00 00   00 00 00 00 00 00 00 00   ........ ........

We need to pull these trailing bytes in order to ignore them.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Feb 13 15:15:40 UTC 2025 on atb-devel-224
librpc/ndr/ndr_sec_helper.c
selftest/knownfail.d/ndr.sd [deleted file]