From: Joseph Sutton Date: Thu, 13 Jul 2023 02:44:40 +0000 (+1200) Subject: librpc:ndr: Prohibit STR_NULLTERM|STR_NOTERM flags combination X-Git-Tag: talloc-2.4.2~690 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ce2f4ecd5960b6e262f24fe739bb7a8bf0632866;p=thirdparty%2Fsamba.git librpc:ndr: Prohibit STR_NULLTERM|STR_NOTERM flags combination ndr_pull_string() prohibited this, but ndr_push_string() always masked STR_NOTERM out. Now the set of allowed flags should be consistent between the two functions. Signed-off-by: Joseph Sutton Reviewed-by: Andrew Bartlett --- diff --git a/librpc/ndr/ndr_string.c b/librpc/ndr/ndr_string.c index 277304315b5..ab34324139d 100644 --- a/librpc/ndr/ndr_string.c +++ b/librpc/ndr/ndr_string.c @@ -321,8 +321,9 @@ _PUBLIC_ enum ndr_err_code ndr_push_string(struct ndr_push *ndr, ndr_flags_type c_len = d_len / byte_mul; } - switch ((flags & LIBNDR_STRING_FLAGS) & ~LIBNDR_FLAG_STR_NOTERM) { + switch (flags & LIBNDR_STRING_FLAGS) { case LIBNDR_FLAG_STR_LEN4|LIBNDR_FLAG_STR_SIZE4: + case LIBNDR_FLAG_STR_LEN4|LIBNDR_FLAG_STR_SIZE4|LIBNDR_FLAG_STR_NOTERM: NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, c_len)); NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0)); NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, c_len)); @@ -330,17 +331,20 @@ _PUBLIC_ enum ndr_err_code ndr_push_string(struct ndr_push *ndr, ndr_flags_type break; case LIBNDR_FLAG_STR_LEN4: + case LIBNDR_FLAG_STR_LEN4|LIBNDR_FLAG_STR_NOTERM: NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0)); NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, c_len)); NDR_CHECK(ndr_push_bytes(ndr, dest, d_len)); break; case LIBNDR_FLAG_STR_SIZE4: + case LIBNDR_FLAG_STR_SIZE4|LIBNDR_FLAG_STR_NOTERM: NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, c_len)); NDR_CHECK(ndr_push_bytes(ndr, dest, d_len)); break; case LIBNDR_FLAG_STR_SIZE2: + case LIBNDR_FLAG_STR_SIZE2|LIBNDR_FLAG_STR_NOTERM: NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, c_len)); NDR_CHECK(ndr_push_bytes(ndr, dest, d_len)); break;