diff options
Diffstat (limited to 'source/rpc_parse')
-rw-r--r-- | source/rpc_parse/parse_lsa.c | 14 | ||||
-rw-r--r-- | source/rpc_parse/parse_net.c | 6 | ||||
-rw-r--r-- | source/rpc_parse/parse_samr.c | 42 | ||||
-rw-r--r-- | source/rpc_parse/parse_srv.c | 8 |
4 files changed, 70 insertions, 0 deletions
diff --git a/source/rpc_parse/parse_lsa.c b/source/rpc_parse/parse_lsa.c index f32ff58efba..272e76eefed 100644 --- a/source/rpc_parse/parse_lsa.c +++ b/source/rpc_parse/parse_lsa.c @@ -82,6 +82,8 @@ void lsa_io_dom_r_ref(char *desc, DOM_R_REF *r_r, prs_struct *ps, int depth) smb_io_unihdr2("", &(r_r->hdr_dom_name), ps, depth); /* domain name unicode string header */ + ASSERT_ARRAY(r_r->hdr_ref_dom, r_r->num_ref_doms_1-1); + for (i = 0; i < r_r->num_ref_doms_1-1; i++) { smb_io_unihdr2("", &(r_r->hdr_ref_dom[i]), ps, depth); @@ -89,6 +91,8 @@ void lsa_io_dom_r_ref(char *desc, DOM_R_REF *r_r, prs_struct *ps, int depth) smb_io_unistr("", &(r_r->uni_dom_name), ps, depth); /* domain name unicode string */ + ASSERT_ARRAY(r_r->ref_dom, r_r->num_ref_doms_2); + for (i = 0; i < r_r->num_ref_doms_2; i++) { smb_io_dom_sid2("", &(r_r->ref_dom[i]), ps, depth); /* referenced domain SIDs */ @@ -413,6 +417,8 @@ void lsa_io_sid_enum(char *desc, LSA_SID_ENUM *sen, prs_struct *ps, int depth) prs_uint32("ptr_sid_enum", ps, depth, &(sen->ptr_sid_enum)); prs_uint32("num_entries2", ps, depth, &(sen->num_entries2)); + ASSERT_ARRAY(sen->ptr_sid, sen->num_entries); + for (i = 0; i < sen->num_entries; i++) { fstring temp; @@ -420,6 +426,8 @@ void lsa_io_sid_enum(char *desc, LSA_SID_ENUM *sen, prs_struct *ps, int depth) prs_uint32(temp, ps, depth, &(sen->ptr_sid[i])); /* domain SID pointers to be looked up. */ } + ASSERT_ARRAY(sen->sid, sen->num_entries); + for (i = 0; i < sen->num_entries; i++) { fstring temp; @@ -467,6 +475,8 @@ void lsa_io_trans_names(char *desc, LSA_TRANS_NAME_ENUM *trn, prs_struct *ps, in prs_uint32("ptr_trans_names", ps, depth, &(trn->ptr_trans_names)); prs_uint32("num_entries2 ", ps, depth, &(trn->num_entries2)); + ASSERT_ARRAY(trn->ptr_name, trn->num_entries); + for (i = 0; i < trn->num_entries; i++) { fstring temp; @@ -527,6 +537,8 @@ void lsa_io_q_lookup_rids(char *desc, LSA_Q_LOOKUP_RIDS *q_r, prs_struct *ps, i prs_uint32("buffer_dom_sid ", ps, depth, &(q_r->buffer_dom_sid)); /* undocumented domain SID buffer pointer */ prs_uint32("buffer_dom_name", ps, depth, &(q_r->buffer_dom_name)); /* undocumented domain name buffer pointer */ + ASSERT_ARRAY(q_r->lookup_name, q_r->num_entries); + for (i = 0; i < q_r->num_entries; i++) { smb_io_dom_name("", &(q_r->lookup_name[i]), ps, depth); /* names to be looked up */ @@ -555,6 +567,8 @@ void lsa_io_r_lookup_rids(char *desc, LSA_R_LOOKUP_RIDS *r_r, prs_struct *ps, i prs_uint32("undoc_buffer", ps, depth, &(r_r->undoc_buffer)); prs_uint32("num_entries2", ps, depth, &(r_r->num_entries2)); + ASSERT_ARRAY(r_r->dom_rid, r_r->num_entries2); + for (i = 0; i < r_r->num_entries2; i++) { smb_io_dom_rid2("", &(r_r->dom_rid[i]), ps, depth); /* domain RIDs being looked up */ diff --git a/source/rpc_parse/parse_net.c b/source/rpc_parse/parse_net.c index 1b253beeb94..8a15ae6bb4b 100644 --- a/source/rpc_parse/parse_net.c +++ b/source/rpc_parse/parse_net.c @@ -983,6 +983,9 @@ void make_net_user_info3(NET_USER_INFO_3 *usr, make_unistr2(&(usr->uni_dir_drive ), dir_drive , len_dir_drive ); usr->num_groups2 = num_groups; + + ASSERT_ARRAY(usr->gids, num_groups); + for (i = 0; i < num_groups; i++) { usr->gids[i] = gids[i]; @@ -1057,6 +1060,7 @@ void net_io_user_info3(char *desc, NET_USER_INFO_3 *usr, prs_struct *ps, int de prs_align(ps); prs_uint32("num_groups2 ", ps, depth, &(usr->num_groups2)); /* num groups */ + ASSERT_ARRAY(usr->gids, usr->num_groups2); for (i = 0; i < usr->num_groups2; i++) { smb_io_gid("", &(usr->gids[i]), ps, depth); /* group info */ @@ -1067,6 +1071,8 @@ void net_io_user_info3(char *desc, NET_USER_INFO_3 *usr, prs_struct *ps, int de smb_io_dom_sid2("", &(usr->dom_sid), ps, depth); /* domain SID */ + ASSERT_ARRAY(usr->other_sids, usr->num_other_sids); + for (i = 0; i < usr->num_other_sids; i++) { smb_io_dom_sid2("", &(usr->other_sids[i]), ps, depth); /* other domain SIDs */ diff --git a/source/rpc_parse/parse_samr.c b/source/rpc_parse/parse_samr.c index 44503ee8c93..b325ed7f188 100644 --- a/source/rpc_parse/parse_samr.c +++ b/source/rpc_parse/parse_samr.c @@ -290,6 +290,8 @@ void sam_io_sid_stuff(char *desc, SAM_SID_STUFF *stf, prs_struct *ps, int depth prs_uint32("num_sids ", ps, depth, &(stf->num_sids )); prs_uint16("padding2 ", ps, depth, &(stf->padding2 )); + ASSERT_ARRAY(stf->sid, stf->num_sids); + for (i = 0; i < stf->num_sids; i++) { sam_io_dom_sid3("", &(stf->sid[i]), ps, depth); @@ -735,6 +737,9 @@ void make_samr_r_enum_dom_users(SAMR_R_ENUM_DOM_USERS *r_u, r_u->num_entries2 = num_sam_entries; r_u->num_entries3 = num_sam_entries; + ASSERT_ARRAY(r_u->sam, num_sam_entries); + ASSERT_ARRAY(r_u->uni_acct_name, num_sam_entries); + for (i = 0; i < num_sam_entries; i++) { make_sam_entry(&(r_u->sam[i]), @@ -780,12 +785,16 @@ void samr_io_r_enum_dom_users(char *desc, SAMR_R_ENUM_DOM_USERS *r_u, prs_struc prs_uint32("ptr_entries2", ps, depth, &(r_u->ptr_entries2)); prs_uint32("num_entries3", ps, depth, &(r_u->num_entries3)); + ASSERT_ARRAY(r_u->sam, r_u->num_entries2); + for (i = 0; i < r_u->num_entries2; i++) { prs_grow(ps); sam_io_sam_entry("", &(r_u->sam[i]), ps, depth); } + ASSERT_ARRAY(r_u->uni_acct_name, r_u->num_entries2); + for (i = 0; i < r_u->num_entries2; i++) { prs_grow(ps); @@ -867,6 +876,8 @@ void make_samr_r_enum_dom_aliases(SAMR_R_ENUM_DOM_ALIASES *r_u, r_u->ptr_entries2 = 1; r_u->num_entries3 = num_sam_entries; + ASSERT_ARRAY(r_u->sam, num_sam_entries); + for (i = 0; i < num_sam_entries; i++) { make_sam_entry(&(r_u->sam[i]), @@ -909,6 +920,8 @@ void samr_io_r_enum_dom_aliases(char *desc, SAMR_R_ENUM_DOM_ALIASES *r_u, prs_s prs_uint32("ptr_entries2", ps, depth, &(r_u->ptr_entries2)); prs_uint32("num_entries3", ps, depth, &(r_u->num_entries3)); + ASSERT_ARRAY(r_u->sam, r_u->num_entries); + for (i = 0; i < r_u->num_entries; i++) { sam_io_sam_entry("", &(r_u->sam[i]), ps, depth); @@ -1036,6 +1049,8 @@ void sam_io_sam_info_2(char *desc, SAM_INFO_2 *sam, prs_struct *ps, int depth) prs_uint32("num_entries2 ", ps, depth, &(sam->num_entries2 )); + ASSERT_ARRAY(sam->sam, sam->num_entries); + for (i = 0; i < sam->num_entries; i++) { sam_io_sam_entry2("", &(sam->sam[i]), ps, depth); @@ -1117,6 +1132,8 @@ void sam_io_sam_info_1(char *desc, SAM_INFO_1 *sam, prs_struct *ps, int depth) prs_uint32("num_entries2 ", ps, depth, &(sam->num_entries2 )); + ASSERT_ARRAY(sam->sam, sam->num_entries); + for (i = 0; i < sam->num_entries; i++) { sam_io_sam_entry1("", &(sam->sam[i]), ps, depth); @@ -1333,6 +1350,8 @@ void samr_io_r_enum_dom_groups(char *desc, SAMR_R_ENUM_DOM_GROUPS *r_u, prs_str prs_uint32("num_entries2 ", ps, depth, &(r_u->num_entries2 )); + ASSERT_ARRAY(r_u->sam, r_u->num_entries); + for (i = 0; i < r_u->num_entries; i++) { sam_io_sam_entry3("", &(r_u->sam[i]), ps, depth); @@ -1495,6 +1514,8 @@ void samr_io_q_lookup_ids(char *desc, SAMR_Q_LOOKUP_IDS *q_u, prs_struct *ps, i prs_uint32("ptr ", ps, depth, &(q_u->ptr )); prs_uint32("num_sids2", ps, depth, &(q_u->num_sids2)); + ASSERT_ARRAY(q_u->ptr_sid, q_u->num_sids2); + for (i = 0; i < q_u->num_sids2; i++) { slprintf(tmp, sizeof(tmp) - 1, "ptr[%02d]", i); @@ -1531,6 +1552,8 @@ void make_samr_r_lookup_ids(SAMR_R_LOOKUP_IDS *r_u, r_u->ptr = 1; r_u->num_entries2 = num_rids; + ASSERT_ARRAY(r_u->rid, num_rids); + for (i = 0; i < num_rids; i++) { r_u->rid[i] = rid[i]; @@ -1566,6 +1589,7 @@ void samr_io_r_lookup_ids(char *desc, SAMR_R_LOOKUP_IDS *r_u, prs_struct *ps, i if (r_u->num_entries != 0) { + ASSERT_ARRAY(r_u->rid, r_u->num_entries2); for (i = 0; i < r_u->num_entries2; i++) { @@ -1599,6 +1623,8 @@ void samr_io_q_lookup_names(char *desc, SAMR_Q_LOOKUP_NAMES *q_u, prs_struct *p prs_uint32("ptr ", ps, depth, &(q_u->ptr )); prs_uint32("num_rids2", ps, depth, &(q_u->num_rids2)); + ASSERT_ARRAY(q_u->hdr_user_name, q_u->num_rids2); + for (i = 0; i < q_u->num_rids2; i++) { smb_io_unihdr ("", &(q_u->hdr_user_name[i]), ps, depth); @@ -1629,6 +1655,8 @@ void make_samr_r_lookup_names(SAMR_R_LOOKUP_NAMES *r_u, r_u->undoc_buffer = 1; r_u->num_entries2 = num_rids; + ASSERT_ARRAY(r_u->dom_rid, num_rids); + for (i = 0; i < num_rids; i++) { make_dom_rid3(&(r_u->dom_rid[i]), rid[i]); @@ -1666,6 +1694,8 @@ void samr_io_r_lookup_names(char *desc, SAMR_R_LOOKUP_NAMES *r_u, prs_struct *p if (r_u->num_entries != 0) { + ASSERT_ARRAY(r_u->dom_rid, r_u->num_entries2); + for (i = 0; i < r_u->num_entries2; i++) { smb_io_dom_rid3("", &(r_u->dom_rid[i]), ps, depth); @@ -1697,6 +1727,8 @@ void make_samr_q_unknown_12(SAMR_Q_UNKNOWN_12 *q_u, q_u->ptr = 0; q_u->num_gids2 = num_gids; + ASSERT_ARRAY(q_u->gid, num_gids); + for (i = 0; i < num_gids; i++) { q_u->gid[i] = gid[i]; @@ -1726,6 +1758,8 @@ void samr_io_q_unknown_12(char *desc, SAMR_Q_UNKNOWN_12 *q_u, prs_struct *ps, i prs_uint32("ptr ", ps, depth, &(q_u->ptr )); prs_uint32("num_gids2", ps, depth, &(q_u->num_gids2)); + ASSERT_ARRAY(q_u->gid, q_u->num_gids2); + for (i = 0; i < q_u->num_gids2; i++) { slprintf(tmp, sizeof(tmp) - 1, "gid[%02d] ", i); @@ -1758,6 +1792,8 @@ void make_samr_r_unknown_12(SAMR_R_UNKNOWN_12 *r_u, r_u->ptr_als_usrs = 1; r_u->num_als_usrs2 = num_aliases; + ASSERT_ARRAY(r_u->hdr_als_name, num_aliases); + for (i = 0; i < num_aliases; i++) { int als_len = als_name[i] != NULL ? strlen(als_name[i]) : 0; @@ -1800,6 +1836,8 @@ void samr_io_r_unknown_12(char *desc, SAMR_R_UNKNOWN_12 *r_u, prs_struct *ps, i if (r_u->ptr_aliases != 0 && r_u->num_aliases1 != 0) { + ASSERT_ARRAY(r_u->hdr_als_name, r_u->num_aliases2); + for (i = 0; i < r_u->num_aliases2; i++) { slprintf(tmp, sizeof(tmp) - 1, "als_hdr[%02d] ", i); @@ -1820,6 +1858,8 @@ void samr_io_r_unknown_12(char *desc, SAMR_R_UNKNOWN_12 *r_u, prs_struct *ps, i if (r_u->ptr_als_usrs != 0 && r_u->num_als_usrs1 != 0) { + ASSERT_ARRAY(r_u->num_als_usrs, r_u->num_als_usrs2); + for (i = 0; i < r_u->num_als_usrs2; i++) { slprintf(tmp, sizeof(tmp) - 1, "als_usrs[%02d] ", i); @@ -1980,6 +2020,8 @@ void samr_io_r_query_usergroups(char *desc, SAMR_R_QUERY_USERGROUPS *r_u, prs_s { prs_uint32("num_entries2", ps, depth, &(r_u->num_entries2)); + ASSERT_ARRAY(r_u->gid, r_u->num_entries2); + for (i = 0; i < r_u->num_entries2; i++) { smb_io_gid("", &(r_u->gid[i]), ps, depth); diff --git a/source/rpc_parse/parse_srv.c b/source/rpc_parse/parse_srv.c index 72cc34da9ee..44e3ef827bf 100644 --- a/source/rpc_parse/parse_srv.c +++ b/source/rpc_parse/parse_srv.c @@ -114,6 +114,8 @@ void srv_io_srv_share_info_1(char *desc, SRV_SHARE_INFO_1 *ctr, prs_struct *ps, prs_uint32("num_entries_read2", ps, depth, &(ctr->num_entries_read2)); + ASSERT_ARRAY(ctr->info_1, num_entries); + for (i = 0; i < num_entries; i++) { prs_grow(ps); @@ -236,6 +238,8 @@ void srv_io_srv_share_info_2(char *desc, SRV_SHARE_INFO_2 *ctr, prs_struct *ps, prs_uint32("num_entries_read2", ps, depth, &(ctr->num_entries_read2)); + ASSERT_ARRAY(ctr->info_2, num_entries); + for (i = 0; i < num_entries; i++) { prs_grow(ps); @@ -447,6 +451,8 @@ void srv_io_srv_sess_info_0(char *desc, SRV_SESS_INFO_0 *ss0, prs_struct *ps, i prs_uint32("num_entries_read2", ps, depth, &(ss0->num_entries_read2)); + ASSERT_ARRAY(ss0->info_0, num_entries); + for (i = 0; i < num_entries; i++) { prs_grow(ps); @@ -560,6 +566,8 @@ void srv_io_srv_sess_info_1(char *desc, SRV_SESS_INFO_1 *ss1, prs_struct *ps, i prs_uint32("num_entries_read2", ps, depth, &(ss1->num_entries_read2)); + ASSERT_ARRAY(ss1->info_1, num_entries); + for (i = 0; i < num_entries; i++) { prs_grow(ps); |