From: Joseph Sutton Date: Mon, 3 May 2021 03:48:43 +0000 (+1200) Subject: Revert "libsmb: Use sid_parse()" X-Git-Tag: tevent-0.11.0~812 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=2b487890d946df88abce67c3d07d74559f70f069;p=thirdparty%2Fsamba.git Revert "libsmb: Use sid_parse()" This reverts commit afd5d34f5e1d13ba88448b3b94d353aa8361d1a9. This code originally used ndr_pull_struct_blob() to pull one SID from a buffer potentially containing multiple SIDs. When this was changed to use sid_parse(), it was now attempting to parse the whole buffer as a single SID with ndr_pull_struct_blob_all(), which would cause it to fail if more than one SID was present. Signed-off-by: Joseph Sutton Reviewed-by: Andrew Bartlett Reviewed-by: Douglas Bagnall --- diff --git a/source3/libsmb/clifsinfo.c b/source3/libsmb/clifsinfo.c index bcfe406e07b..a9b3b03abb6 100644 --- a/source3/libsmb/clifsinfo.c +++ b/source3/libsmb/clifsinfo.c @@ -29,7 +29,6 @@ #include "../libcli/smb/smbXcli_base.h" #include "auth/credentials/credentials.h" #include "../librpc/gen_ndr/ndr_security.h" -#include "libcli/security/dom_sid.h" /**************************************************************************** Get UNIX extensions version info. @@ -686,9 +685,23 @@ static void cli_posix_whoami_done(struct tevent_req *subreq) num_rdata -= (p - rdata); for (i = 0; i < state->num_sids; i++) { - ssize_t sid_size = sid_parse(p, num_rdata, &state->sids[i]); + size_t sid_size; + DATA_BLOB in = data_blob_const(p, num_rdata); + enum ndr_err_code ndr_err; - if ((sid_size == -1) || (sid_size > num_rdata)) { + ndr_err = ndr_pull_struct_blob(&in, + state, + &state->sids[i], + (ndr_pull_flags_fn_t)ndr_pull_dom_sid); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + tevent_req_nterror(req, + NT_STATUS_INVALID_NETWORK_RESPONSE); + return; + } + + sid_size = ndr_size_dom_sid(&state->sids[i], 0); + + if (sid_size > num_rdata) { tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE); return;