]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
projects / thirdparty / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 46f6157)
libcli/security: rearrange conditional ACE sddl_write_int
authorDouglas Bagnall <douglas.bagnall@catalyst.net.nz>
Wed, 20 Dec 2023 00:38:53 +0000 (13:38 +1300)
committerAndrew Bartlett <abartlet@samba.org>
Thu, 21 Dec 2023 23:48:46 +0000 (23:48 +0000)
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65122

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
libcli/security/sddl_conditional_ace.c patch | blob | blame | history

diff --git a/libcli/security/sddl_conditional_ace.c b/libcli/security/sddl_conditional_ace.c
index b5d0a3afa3a091a45b2824fc3ba976ec94d82b94..75a80e758ad46f02ada033b4e2ecbb7a2098d24a 100644 (file)
--- a/libcli/security/sddl_conditional_ace.c
+++ b/libcli/security/sddl_conditional_ace.c
@@ -623,6 +623,7 @@ static bool sddl_write_int(struct sddl_write_context *ctx,
        uint8_t sign = tok->data.int64.sign;
        uint8_t base = tok->data.int64.base;
        char buf[26]; /* oct(1<<63) + sign + \0 */
+       char sign_char;
        if (sign > CONDITIONAL_ACE_INT_SIGN_NONE ||
            base > CONDITIONAL_ACE_INT_BASE_16) {
                return false;
@@ -650,6 +651,7 @@ static bool sddl_write_int(struct sddl_write_context *ctx,
                /* note we allow "-0", because we will parse it. */
                return false;
        }
+       sign_char = (sign == CONDITIONAL_ACE_INT_SIGN_NEGATIVE) ? '-' : '+';
        /*
         * We can use "%+ld" for the decimal sign, but "%+lx" and "%+lo" are
         * invalid because %o and %x are unsigned.
@@ -670,12 +672,10 @@ static bool sddl_write_int(struct sddl_write_context *ctx,
                return sddl_write(ctx, "-0x8000000000000000");
        }
 
-       buf[0] = (sign == CONDITIONAL_ACE_INT_SIGN_NEGATIVE) ? '-' : '+';
-
        if (base == CONDITIONAL_ACE_INT_BASE_8) {
-               snprintf(buf + 1, sizeof(buf) - 1, "0%llo", llabs(v));
+               snprintf(buf, sizeof(buf), "%c0%llo", sign_char, llabs(v));
        } else {
-               snprintf(buf + 1, sizeof(buf) - 1, "0x%llx", llabs(v));
+               snprintf(buf, sizeof(buf), "%c0x%llx", sign_char, llabs(v));
        }
        return sddl_write(ctx, buf);
 }
Mirror of https://github.com/samba-team/samba.git