From ab3a62404fd1078c255a68238f88295ecdb06858 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 29 Jan 2025 09:36:32 +0100 Subject: [PATCH] auth: let make_user_info_dc_netlogon_validation validate all parameters first Signed-off-by: Stefan Metzmacher Reviewed-by: Jennifer Sutton --- auth/auth_sam_reply.c | 31 ++++++++++++++----------------- 1 file changed, 14 insertions(+), 17 deletions(-) diff --git a/auth/auth_sam_reply.c b/auth/auth_sam_reply.c index 94e2c8b08ee..e0f3168e26a 100644 --- a/auth/auth_sam_reply.c +++ b/auth/auth_sam_reply.c @@ -686,11 +686,6 @@ NTSTATUS make_user_info_dc_netlogon_validation(TALLOC_CTX *mem_ctx, return NT_STATUS_INVALID_LEVEL; } - user_info_dc = talloc_zero(mem_ctx, struct auth_user_info_dc); - if (user_info_dc == NULL) { - return NT_STATUS_NO_MEMORY; - } - /* Here is where we should check the list of trusted domains, and verify that the SID @@ -698,17 +693,28 @@ NTSTATUS make_user_info_dc_netlogon_validation(TALLOC_CTX *mem_ctx, */ if (!base->domain_sid) { DEBUG(0, ("Cannot operate on a Netlogon Validation without a domain SID\n")); - talloc_free(user_info_dc); return NT_STATUS_INVALID_PARAMETER; } /* The IDL layer would be a better place to check this, but to * guard the integer addition below, we double-check */ - if (base->groups.count > 65535) { - talloc_free(user_info_dc); + if (base->groups.count > UINT16_MAX) { + return NT_STATUS_INVALID_PARAMETER; + } + + /* + * The IDL layer would be a better place to check this, but to + * guard the integer addition below, we double-check + */ + if (sidcount > UINT16_MAX) { return NT_STATUS_INVALID_PARAMETER; } + user_info_dc = talloc_zero(mem_ctx, struct auth_user_info_dc); + if (user_info_dc == NULL) { + return NT_STATUS_NO_MEMORY; + } + user_info_dc->num_sids = PRIMARY_SIDS_COUNT; user_info_dc->sids = talloc_array(user_info_dc, struct auth_SidAttr, user_info_dc->num_sids + base->groups.count); 
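Review bot: The two range checks now placed ahead of the allocation (`base->groups.count > UINT16_MAX` and `sidcount > UINT16_MAX`) return NT_STATUS_INVALID_PARAMETER without logging, unlike the `!base->domain_sid` check directly above them, so a validation rejected for an oversized group or SID count leaves no trace for whoever triages a malformed or hostile netlogon reply. I would add a message to each, for example `DEBUG(1, ("Netlogon Validation with too many extra SIDs: %u\n", (unsigned)sidcount));`, at a level that does not flood the log on repeated bad input. The two comments are now verbatim copies that both say "the integer addition below", and for `sidcount` that addition is no longer adjacent (it is presumably in the `if (sidcount > 0)` block later in the function, outside this hunk). Each comment should name the sum it bounds, e.g. `/* bounds num_sids + base->groups.count in the talloc_array() below */`. The function starts and ends outside the hunk.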
@@ -747,15 +753,6 @@ NTSTATUS make_user_info_dc_netlogon_validation(TALLOC_CTX *mem_ctx, user_info_dc->num_sids++; } - /* - * The IDL layer would be a better place to check this, but to - * guard the integer addition below, we double-check - */ - if (sidcount > UINT16_MAX) { - talloc_free(user_info_dc); - return NT_STATUS_INVALID_PARAMETER; - } - if (sidcount > 0) { struct auth_SidAttr *dgrps = user_info_dc->sids; size_t dgrps_count; -- 2.47.2