krb5pac/netlogon: add a comment regarding PAC_LOGON_INFO unique pointers on push

This difference is the reason why we can't fully (ndr)validate some
PAC blobs.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>

diff --git a/librpc/idl/krb5pac.idl b/librpc/idl/krb5pac.idl
index 33733bf79f7716f1184e033820dc449116ebe14f..f27e7243ee429cb973727f90e843834ebb7f2964 100644 (file)
--- a/librpc/idl/krb5pac.idl
+++ b/librpc/idl/krb5pac.idl
@@ -33,6 +33,12 @@ interface krb5pac
 
        typedef struct {
                netr_SamInfo3 info3;
+               /*
+                * On ndr_push:
+                * Pointers values of info3.sids[*].sid
+                * should be allocated before the following ones?
+                * (just the 0x30 0x00 0x02 0x00 value).
+                */
                PAC_DOMAIN_GROUP_MEMBERSHIP resource_groups;
        } PAC_LOGON_INFO;
 

diff --git a/librpc/idl/netlogon.idl b/librpc/idl/netlogon.idl
index 5eb8e6ae2361c8ad4596e04060ebda1cb82d8851..621d537a62ccd9e289b183631a2d9064ae075990 100644 (file)
--- a/librpc/idl/netlogon.idl
+++ b/librpc/idl/netlogon.idl
@@ -263,6 +263,14 @@ interface netlogon
                netr_SamBaseInfo base;
                uint32 sidcount;
                [size_is(sidcount)] netr_SidAttr *sids;
+               /*
+                * On ndr_push:
+                * Should pointer values be allocated
+                * of sids[*].sid before the following ones?
+                *
+                * That's at least the case for
+                * PAC_LOGON_INFO.
+                */
                lsa_String dns_domainname;
                lsa_String principal_name;
                uint32 unknown4[20];