From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 15 Aug 2019 11:22:43 +0000 (+0200)
Subject: netlogon.idl: fix the marshalling of netr_trust_extension_container for NDR64
X-Git-Tag: talloc-2.3.1~754
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=8f0751b8b7cd45fc7186b467d814eb5231821e34;p=thirdparty%2Fsamba.git

netlogon.idl: fix the marshalling of netr_trust_extension_container for NDR64

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
---

diff --git a/librpc/idl/netlogon.idl b/librpc/idl/netlogon.idl
index e6fda421ea5..be6e45054a9 100644
--- a/librpc/idl/netlogon.idl
+++ b/librpc/idl/netlogon.idl
@@ -1386,21 +1386,27 @@ interface netlogon
 	} netr_WorkstationInfo;
 
 	typedef struct {
-		/* these first 3 values come from the fact windows
-		   actually encodes this structure as a UNICODE_STRING
-		   - see MS-NRPC section 2.2.1.3.9 */
-		[value(8)] uint32 length;
-		[value(0)] uint32 dummy;
-		[value(8)] uint32 size;
 		netr_TrustFlags flags;
 		uint32 parent_index;
 		lsa_TrustType trust_type;
 		lsa_TrustAttributes trust_attributes;
+	} netr_trust_extension_info;
+
+	typedef struct {
+		/* these first 3 values come from the fact windows
+		   actually encodes this structure as a UNICODE_STRING
+		   - see MS-NRPC section 2.2.1.3.9 */
+		[value(8)] uint3264 length;
+		[value(0)] uint3264 dummy;
+		[value(8)] uint3264 size;
+		[subcontext(0),subcontext_size(size*2)]
+		netr_trust_extension_info info;
 	} netr_trust_extension;
 
 	typedef struct {
-		uint16 length; /* value is 16 when info != NULL, otherwise 0 */
-		[value(length)] uint16 size;   /* value is 16 when info != NULL, otherwise 0 */
+		/* value is 16 when info != NULL, otherwise 0 */
+		[value(info == NULL ? 0 : 16)] uint16 length;
+		[value(info == NULL ? 0 : 16)] uint16 size;
 		netr_trust_extension *info;
 	} netr_trust_extension_container;
 
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 49a075137ff..6163eb92ff3 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -2203,13 +2203,15 @@ static NTSTATUS fill_our_one_domain_info(TALLOC_CTX *mem_ctx,
 	ZERO_STRUCTP(info);
 
 	if (is_trust_list) {
-		struct netr_trust_extension *tei = NULL;
+		struct netr_trust_extension *te = NULL;
+		struct netr_trust_extension_info *tei = NULL;
 
 		/* w2k8 only fills this on trusted domains */
-		tei = talloc_zero(mem_ctx, struct netr_trust_extension);
-		if (tei == NULL) {
+		te = talloc_zero(mem_ctx, struct netr_trust_extension);
+		if (te == NULL) {
 			return NT_STATUS_NO_MEMORY;
 		}
+		tei = &te->info;
 		tei->flags |= NETR_TRUST_FLAG_PRIMARY;
 
 		/*
@@ -2230,8 +2232,7 @@ static NTSTATUS fill_our_one_domain_info(TALLOC_CTX *mem_ctx,
 		 */
 		tei->trust_attributes = 0;
 
-		info->trust_extension.info = tei;
-		info->trust_extension.length = 16;
+		info->trust_extension.info = te;
 	}
 
 	if (is_trust_list) {
@@ -2264,15 +2265,17 @@ static NTSTATUS fill_trust_one_domain_info(TALLOC_CTX *mem_ctx,
 				const struct lsa_TrustDomainInfoInfoEx *tdo,
 				struct netr_OneDomainInfo *info)
 {
-	struct netr_trust_extension *tei = NULL;
+	struct netr_trust_extension *te = NULL;
+	struct netr_trust_extension_info *tei = NULL;
 
 	ZERO_STRUCTP(info);
 
 	/* w2k8 only fills this on trusted domains */
-	tei = talloc_zero(mem_ctx, struct netr_trust_extension);
-	if (tei == NULL) {
+	te = talloc_zero(mem_ctx, struct netr_trust_extension);
+	if (te == NULL) {
 		return NT_STATUS_NO_MEMORY;
 	}
+	tei = &te->info;
 
 	if (tdo->trust_direction & LSA_TRUST_DIRECTION_INBOUND) {
 		tei->flags |= NETR_TRUST_FLAG_INBOUND;
@@ -2294,8 +2297,7 @@ static NTSTATUS fill_trust_one_domain_info(TALLOC_CTX *mem_ctx,
 	tei->trust_type = tdo->trust_type;
 	tei->trust_attributes = tdo->trust_attributes;
 
-	info->trust_extension.info = tei;
-	info->trust_extension.length = 16;
+	info->trust_extension.info = te;
 
 	info->domainname.string = tdo->netbios_name.string;
 	if (tdo->trust_type != LSA_TRUST_TYPE_DOWNLEVEL) {
diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c
index 94fe4020fa9..65188d2dc85 100644
--- a/source4/torture/rpc/netlogon.c
+++ b/source4/torture/rpc/netlogon.c
@@ -4096,7 +4096,7 @@ static bool test_GetDomainInfo(struct torture_context *tctx,
 	struct dcerpc_binding_handle *b = NULL;
 	struct netr_OneDomainInfo *odi1 = NULL;
 	struct netr_OneDomainInfo *odi2 = NULL;
-	struct netr_trust_extension *tex2 = NULL;
+	struct netr_trust_extension_info *tex2 = NULL;
 
 	torture_comment(tctx, "Testing netr_LogonGetDomainInfo\n");
 
@@ -4481,13 +4481,13 @@ static bool test_GetDomainInfo(struct torture_context *tctx,
 	for (i=0; i < info.domain_info->trusted_domain_count; i++) {
 		struct netr_OneDomainInfo *odiT =
 			&info.domain_info->trusted_domains[i];
-		struct netr_trust_extension *texT = NULL;
+		struct netr_trust_extension_info *texT = NULL;
 
 		torture_assert_int_equal(tctx, odiT->trust_extension.length, 16,
 					 "trust_list should have extension");
 		torture_assert(tctx, odiT->trust_extension.info != NULL,
 			       "trust_list should have extension");
-		texT = odiT->trust_extension.info;
+		texT = &odiT->trust_extension.info->info;
 
 		if (GUID_equal(&odiT->domain_guid, &odi1->domain_guid)) {
 			odi2 = odiT;
@@ -4562,7 +4562,7 @@ static bool test_GetDomainInfo(struct torture_context *tctx,
 				 "trust_list should have extension");
 	torture_assert(tctx, odi2->trust_extension.info != NULL,
 		       "trust_list should have extension");
-	tex2 = odi2->trust_extension.info;
+	tex2 = &odi2->trust_extension.info->info;
 	torture_assert_int_equal(tctx,
 				 tex2->flags & NETR_TRUST_FLAG_PRIMARY,
 				 NETR_TRUST_FLAG_PRIMARY,