From ce43dd0571d0ae5703fb82f936a41566d3972a8e Mon Sep 17 00:00:00 2001
From: Joseph Sutton
Date: Tue, 4 May 2021 14:09:44 +1200
Subject: [PATCH] ndr: Display values for failed range checks
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9914
Signed-off-by: Joseph Sutton
Reviewed-by: Andrew Bartlett
---
 libcli/nbt/nbtname.c | 2 +-
 librpc/ndr/ndr_sec_helper.c | 4 ++--
 pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 22 ++++++++++++++++++----
 pidl/lib/Parse/Pidl/Typelist.pm | 22 +++++++++++++++++++++-
 4 files changed, 42 insertions(+), 8 deletions(-)
diff --git a/libcli/nbt/nbtname.c b/libcli/nbt/nbtname.c
index c4f2524021f..1881e463635 100644
--- a/libcli/nbt/nbtname.c
+++ b/libcli/nbt/nbtname.c
@@ -339,7 +339,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_wrepl_nbt_name(struct ndr_pull *ndr, int ndr
 NDR_CHECK(ndr_pull_align(ndr, 4));
 NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &namebuf_len));
 if (namebuf_len < 1 || namebuf_len > 255) {
- return ndr_pull_error(ndr, NDR_ERR_ALLOC, "value out of range");
+ return ndr_pull_error(ndr, NDR_ERR_ALLOC, "value (%"PRIu32") out of range (1 - 255)", namebuf_len);
 }
 NDR_PULL_ALLOC_N(ndr, namebuf, namebuf_len);
 NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, namebuf, namebuf_len));
diff --git a/librpc/ndr/ndr_sec_helper.c b/librpc/ndr/ndr_sec_helper.c
index ffb6244eb36..e16f8fe1f26 100644
--- a/librpc/ndr/ndr_sec_helper.c
+++ b/librpc/ndr/ndr_sec_helper.c
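Review bot: In ndr_pull_wrepl_nbt_name (libcli/nbt/nbtname.c) the rewritten line still returns NDR_ERR_ALLOC for what its own message now calls a range failure, so a malformed length received from the peer is reported as an allocation error. The other range checks touched by this patch use NDR_ERR_RANGE; if no caller depends on the current code, `return ndr_pull_error(ndr, NDR_ERR_RANGE, "value (%"PRIu32") out of range (1 - 255)", namebuf_len);` would keep error triage consistent. The message could also name the field (`namebuf_len`) instead of "value". The function body starts and ends outside the hunk.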
@@ -324,7 +324,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_dom_sid(struct ndr_push *ndr, int ndr_flags, NDR_CHECK(ndr_push_int8(ndr, NDR_SCALARS, r->num_auths)); NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6)); if (r->num_auths < 0 || r->num_auths > ARRAY_SIZE(r->sub_auths)) { - return ndr_push_error(ndr, NDR_ERR_RANGE, "value out of range"); + return ndr_push_error(ndr, NDR_ERR_RANGE, "value (%"PRId8") out of range (0 - %zu)", r->num_auths, ARRAY_SIZE(r->sub_auths)); } for (cntr_sub_auths_0 = 0; cntr_sub_auths_0 < r->num_auths; cntr_sub_auths_0++) { NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->sub_auths[cntr_sub_auths_0])); @@ -341,7 +341,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_dom_sid(struct ndr_pull *ndr, int ndr_flags, NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->sid_rev_num)); NDR_CHECK(ndr_pull_int8(ndr, NDR_SCALARS, &r->num_auths)); if (r->num_auths < 0 || r->num_auths > ARRAY_SIZE(r->sub_auths)) { - return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range"); + return ndr_pull_error(ndr, NDR_ERR_RANGE, "value (%"PRId8") out of range (0 - %zu)", r->num_auths, ARRAY_SIZE(r->sub_auths)); } NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->id_auth, 6)); ZERO_STRUCT(r->sub_auths); diff --git a/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm index 15f695d00d7..a4d3eb5e0a3 100644 --- a/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +++ b/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm @@ -14,7 +14,7 @@ push @ISA, qw(Exporter); use strict; use warnings; -use Parse::Pidl::Typelist qw(hasType getType mapTypeName typeHasBody); +use Parse::Pidl::Typelist qw(hasType getType mapTypeName mapTypeSpecifier typeHasBody); use Parse::Pidl::Util qw(has_property ParseExpr ParseExprExt 
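Review bot: The new messages in ndr_push_dom_sid and ndr_pull_dom_sid (librpc/ndr/ndr_sec_helper.c, both hunks) print the number but still call it "value", so a log line does not say which field of the SID was rejected. Because these two checks are hand-written, the field can simply be named: `"num_auths (%"PRId8") out of range (0 - %zu)"`. The `%zu` conversion assumes ARRAY_SIZE yields a size_t; its definition is not visible here, so that is worth confirming. Both function bodies continue outside their hunks.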
@@ -371,7 +371,8 @@ sub ParseArrayPullGetSize($$$$$$) } else { $self->pidl("if ($array_size < $low || $array_size > $high) {"); } - $self->pidl("\treturn ndr_pull_error($ndr, NDR_ERR_RANGE, \"value out of range\");"); + $self->pidl("\treturn ndr_pull_error($ndr, NDR_ERR_RANGE, \"value (%\"PRIu32\") out of range (%\"PRIu32\" - %\"PRIu32\")\", $array_size, (uint32_t)$low, (uint32_t)$high);"); + $self->pidl("}"); } @@ -410,7 +411,7 @@ sub ParseArrayPullGetLength($$$$$$;$) } else { $self->pidl("if ($array_length < $low || $array_length > $high) {"); } - $self->pidl("\treturn ndr_pull_error($ndr, NDR_ERR_RANGE, \"value out of range\");"); + $self->pidl("\treturn ndr_pull_error($ndr, NDR_ERR_RANGE, \"value (%\"PRIu32\") out of range (%\"PRIu32\" - %\"PRIu32\")\", $array_length, (uint32_t)$low, (uint32_t)$high);"); $self->pidl("}"); } @@ -1036,7 +1037,20 @@ sub ParseDataPull($$$$$$$) } else { $self->pidl("if ($var_name < $low || $var_name > $high) {"); } - $self->pidl("\treturn ndr_pull_error($ndr, NDR_ERR_RANGE, \"value out of range\");"); + + my $data_type = mapTypeName($l->{DATA_TYPE}); + my $fmt = mapTypeSpecifier($data_type); + + if (!defined($fmt)) { + if (getType($l->{DATA_TYPE})->{DATA}->{TYPE} eq "ENUM") { + $data_type = "int"; + $fmt = "d"; + } else { + die("Format ($data_type) not supported"); + } + } + + $self->pidl("\treturn ndr_pull_error($ndr, NDR_ERR_RANGE, \"value (%$fmt) out of range (%$fmt - %$fmt)\", ($data_type)$var_name, ($data_type)$low, ($data_type)$high);"); $self->pidl("}"); } } else { diff --git a/pidl/lib/Parse/Pidl/Typelist.pm b/pidl/lib/Parse/Pidl/Typelist.pm index c0e07b97986..436a03741db 100644 --- a/pidl/lib/Parse/Pidl/Typelist.pm +++ b/pidl/lib/Parse/Pidl/Typelist.pm 
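Review bot: The casts emitted in ParseArrayPullGetSize, `(uint32_t)$low, (uint32_t)$high`, are not parenthesised, although the context line `if ($array_size < $low || $array_size > $high)` shows that the bounds are spliced into the generated C as text. If a bound is an expression rather than a literal, the cast applies only to its first operand; emit `(uint32_t)($low), (uint32_t)($high)` instead. The same applies to the ParseArrayPullGetLength hunk and to `($data_type)$var_name, ($data_type)$low, ($data_type)$high` in the ParseDataPull hunk. A negative lower bound would also be printed as a large unsigned number by the `PRIu32` conversion.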
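Review bot: In ParseDataPull the new `die("Format ($data_type) not supported")` turns a missing table entry into a failed code generation: a range-checked type whose mapped C name is neither in the specifier table nor an ENUM now stops pidl, where the old code emitted a working check. The ENUM probe also dereferences the result of `getType(...)` without checking that a type was returned. If aborting is not the intent, keep the range check and fall back to the previous static message when no conversion is known, as sketched below. ParseDataPull starts and ends outside the hunk.

```perl
my $data_type = mapTypeName($l->{DATA_TYPE});
my $fmt = mapTypeSpecifier($data_type);

if (!defined($fmt)) {
	my $type = getType($l->{DATA_TYPE});
	if (defined($type) and ref($type->{DATA}) eq "HASH"
	    and defined($type->{DATA}->{TYPE}) and $type->{DATA}->{TYPE} eq "ENUM") {
		$data_type = "int";
		$fmt = "d";
	}
}

if (defined($fmt)) {
	# ... unchanged: ndr_pull_error line printing the value and both bounds ...
} else {
	# No conversion known for this type: still reject, with the old message.
	$self->pidl("\treturn ndr_pull_error($ndr, NDR_ERR_RANGE, \"value out of range\");");
}
```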
@@ -7,7 +7,7 @@ package Parse::Pidl::Typelist; require Exporter; @ISA = qw(Exporter); -@EXPORT_OK = qw(hasType getType resolveType mapTypeName scalar_is_reference expandAlias +@EXPORT_OK = qw(hasType getType resolveType mapTypeName mapTypeSpecifier scalar_is_reference expandAlias mapScalarType addType typeIs is_signed is_scalar enum_type_fn bitmap_type_fn mapType typeHasBody is_fixed_size_scalar ); @@ -89,6 +89,18 @@ my %aliases = ( "mode_t" => "uint32", ); +my %format_specifiers = ( + "char" => "c", + "int8_t", => "\"PRId8\"", + "int16_t", => "\"PRId16\"", + "int32_t", => "\"PRId32\"", + "int64_t", => "\"PRId64\"", + "uint8_t", => "\"PRIu8\"", + "uint16_t", => "\"PRIu16\"", + "uint32_t", => "\"PRIu32\"", + "uint64_t", => "\"PRIu64\"" +); + sub expandAlias($) { my $name = shift; @@ -316,6 +328,14 @@ sub mapTypeName($) } +sub mapTypeSpecifier($) +{ + my $t = shift; + return undef unless defined($t); + + return $format_specifiers{$t}; +} + sub LoadIdl($;$) { my $idl = shift; -- 2.47.3
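Review bot: The `"char" => "c"` entry in %format_specifiers (pidl/lib/Parse/Pidl/Typelist.pm) makes the generated error message print a rejected char with `%c`, that is, as a raw byte taken from the data being parsed. A NUL or control byte would then land in the error string and in any log it reaches; printing the value as a number avoids that, for example `"char" => "d"`, which works with the caller's cast because a char argument is promoted to int (assuming the mapped type name is `char`). The keys from "int8_t" onwards are also written as `"int8_t", =>`; Perl accepts the doubled separator, but the stray commas should be removed.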
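Review bot: mapTypeSpecifier has no comment describing its return value, and that value is not an ordinary format string: the PRI* entries carry their own escaped quotes because Parser.pm splices the result after `%` inside a C string literal in generated code, while the char entry carries none. A header comment such as `# Returns the printf conversion for a mapped C type name, ready to be spliced after '%' inside a generated C string literal; undef if the type has no entry in %format_specifiers.` would spare the next reader that puzzle. As a smaller style point, `return undef unless defined($t);` is more idiomatic as a bare `return unless defined($t);`, which behaves the same for the scalar assignment used by the caller.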