From 0e201ecdc53b07d66342e453b3710d3d06481b8b Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 14 Jul 2016 09:34:43 +0200 Subject: [PATCH] krb5pac/netlogon: add a comment regarding PAC_LOGON_INFO unique pointers on push MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit This difference is the reason why we can't fully (ndr)validate some PAC blobs. Signed-off-by: Stefan Metzmacher Reviewed-by: Günther Deschner --- librpc/idl/krb5pac.idl | 6 ++++++ librpc/idl/netlogon.idl | 8 ++++++++ 2 files changed, 14 insertions(+) diff --git a/librpc/idl/krb5pac.idl b/librpc/idl/krb5pac.idl index 33733bf79f7..f27e7243ee4 100644 --- a/librpc/idl/krb5pac.idl +++ b/librpc/idl/krb5pac.idl @@ -33,6 +33,12 @@ interface krb5pac typedef struct { netr_SamInfo3 info3; + /* + * On ndr_push: + * Pointers values of info3.sids[*].sid + * should be allocated before the following ones? + * (just the 0x30 0x00 0x02 0x00 value). + */ PAC_DOMAIN_GROUP_MEMBERSHIP resource_groups; } PAC_LOGON_INFO; diff --git a/librpc/idl/netlogon.idl b/librpc/idl/netlogon.idl index 5eb8e6ae236..621d537a62c 100644 --- a/librpc/idl/netlogon.idl +++ b/librpc/idl/netlogon.idl @@ -263,6 +263,14 @@ interface netlogon netr_SamBaseInfo base; uint32 sidcount; [size_is(sidcount)] netr_SidAttr *sids; + /* + * On ndr_push: + * Should pointer values be allocated + * of sids[*].sid before the following ones? + * + * That's at least the case for + * PAC_LOGON_INFO. + */ lsa_String dns_domainname; lsa_String principal_name; uint32 unknown4[20]; -- 2.47.3