summaryrefslogtreecommitdiffstats
path: root/source/rpc_parse
diff options
context:
space:
mode:
Diffstat (limited to 'source/rpc_parse')
-rw-r--r--source/rpc_parse/parse_lsa.c14
-rw-r--r--source/rpc_parse/parse_net.c6
-rw-r--r--source/rpc_parse/parse_samr.c42
-rw-r--r--source/rpc_parse/parse_srv.c8
4 files changed, 70 insertions, 0 deletions
diff --git a/source/rpc_parse/parse_lsa.c b/source/rpc_parse/parse_lsa.c
index f32ff58efba..272e76eefed 100644
--- a/source/rpc_parse/parse_lsa.c
+++ b/source/rpc_parse/parse_lsa.c
@@ -82,6 +82,8 @@ void lsa_io_dom_r_ref(char *desc, DOM_R_REF *r_r, prs_struct *ps, int depth)
smb_io_unihdr2("", &(r_r->hdr_dom_name), ps, depth); /* domain name unicode string header */
+ ASSERT_ARRAY(r_r->hdr_ref_dom, r_r->num_ref_doms_1-1);
+
for (i = 0; i < r_r->num_ref_doms_1-1; i++)
{
smb_io_unihdr2("", &(r_r->hdr_ref_dom[i]), ps, depth);
@@ -89,6 +91,8 @@ void lsa_io_dom_r_ref(char *desc, DOM_R_REF *r_r, prs_struct *ps, int depth)
smb_io_unistr("", &(r_r->uni_dom_name), ps, depth); /* domain name unicode string */
+ ASSERT_ARRAY(r_r->ref_dom, r_r->num_ref_doms_2);
+
for (i = 0; i < r_r->num_ref_doms_2; i++)
{
smb_io_dom_sid2("", &(r_r->ref_dom[i]), ps, depth); /* referenced domain SIDs */
@@ -413,6 +417,8 @@ void lsa_io_sid_enum(char *desc, LSA_SID_ENUM *sen, prs_struct *ps, int depth)
prs_uint32("ptr_sid_enum", ps, depth, &(sen->ptr_sid_enum));
prs_uint32("num_entries2", ps, depth, &(sen->num_entries2));
+ ASSERT_ARRAY(sen->ptr_sid, sen->num_entries);
+
for (i = 0; i < sen->num_entries; i++)
{
fstring temp;
@@ -420,6 +426,8 @@ void lsa_io_sid_enum(char *desc, LSA_SID_ENUM *sen, prs_struct *ps, int depth)
prs_uint32(temp, ps, depth, &(sen->ptr_sid[i])); /* domain SID pointers to be looked up. */
}
+ ASSERT_ARRAY(sen->sid, sen->num_entries);
+
for (i = 0; i < sen->num_entries; i++)
{
fstring temp;
@@ -467,6 +475,8 @@ void lsa_io_trans_names(char *desc, LSA_TRANS_NAME_ENUM *trn, prs_struct *ps, in
prs_uint32("ptr_trans_names", ps, depth, &(trn->ptr_trans_names));
prs_uint32("num_entries2 ", ps, depth, &(trn->num_entries2));
+ ASSERT_ARRAY(trn->ptr_name, trn->num_entries);
+
for (i = 0; i < trn->num_entries; i++)
{
fstring temp;
@@ -527,6 +537,8 @@ void lsa_io_q_lookup_rids(char *desc, LSA_Q_LOOKUP_RIDS *q_r, prs_struct *ps, i
prs_uint32("buffer_dom_sid ", ps, depth, &(q_r->buffer_dom_sid)); /* undocumented domain SID buffer pointer */
prs_uint32("buffer_dom_name", ps, depth, &(q_r->buffer_dom_name)); /* undocumented domain name buffer pointer */
+ ASSERT_ARRAY(q_r->lookup_name, q_r->num_entries);
+
for (i = 0; i < q_r->num_entries; i++)
{
smb_io_dom_name("", &(q_r->lookup_name[i]), ps, depth); /* names to be looked up */
@@ -555,6 +567,8 @@ void lsa_io_r_lookup_rids(char *desc, LSA_R_LOOKUP_RIDS *r_r, prs_struct *ps, i
prs_uint32("undoc_buffer", ps, depth, &(r_r->undoc_buffer));
prs_uint32("num_entries2", ps, depth, &(r_r->num_entries2));
+ ASSERT_ARRAY(r_r->dom_rid, r_r->num_entries2);
+
for (i = 0; i < r_r->num_entries2; i++)
{
smb_io_dom_rid2("", &(r_r->dom_rid[i]), ps, depth); /* domain RIDs being looked up */
diff --git a/source/rpc_parse/parse_net.c b/source/rpc_parse/parse_net.c
index 1b253beeb94..8a15ae6bb4b 100644
--- a/source/rpc_parse/parse_net.c
+++ b/source/rpc_parse/parse_net.c
@@ -983,6 +983,9 @@ void make_net_user_info3(NET_USER_INFO_3 *usr,
make_unistr2(&(usr->uni_dir_drive ), dir_drive , len_dir_drive );
usr->num_groups2 = num_groups;
+
+ ASSERT_ARRAY(usr->gids, num_groups);
+
for (i = 0; i < num_groups; i++)
{
usr->gids[i] = gids[i];
@@ -1057,6 +1060,7 @@ void net_io_user_info3(char *desc, NET_USER_INFO_3 *usr, prs_struct *ps, int de
prs_align(ps);
prs_uint32("num_groups2 ", ps, depth, &(usr->num_groups2)); /* num groups */
+ ASSERT_ARRAY(usr->gids, usr->num_groups2);
for (i = 0; i < usr->num_groups2; i++)
{
smb_io_gid("", &(usr->gids[i]), ps, depth); /* group info */
@@ -1067,6 +1071,8 @@ void net_io_user_info3(char *desc, NET_USER_INFO_3 *usr, prs_struct *ps, int de
smb_io_dom_sid2("", &(usr->dom_sid), ps, depth); /* domain SID */
+ ASSERT_ARRAY(usr->other_sids, usr->num_other_sids);
+
for (i = 0; i < usr->num_other_sids; i++)
{
smb_io_dom_sid2("", &(usr->other_sids[i]), ps, depth); /* other domain SIDs */
diff --git a/source/rpc_parse/parse_samr.c b/source/rpc_parse/parse_samr.c
index 44503ee8c93..b325ed7f188 100644
--- a/source/rpc_parse/parse_samr.c
+++ b/source/rpc_parse/parse_samr.c
@@ -290,6 +290,8 @@ void sam_io_sid_stuff(char *desc, SAM_SID_STUFF *stf, prs_struct *ps, int depth
prs_uint32("num_sids ", ps, depth, &(stf->num_sids ));
prs_uint16("padding2 ", ps, depth, &(stf->padding2 ));
+ ASSERT_ARRAY(stf->sid, stf->num_sids);
+
for (i = 0; i < stf->num_sids; i++)
{
sam_io_dom_sid3("", &(stf->sid[i]), ps, depth);
@@ -735,6 +737,9 @@ void make_samr_r_enum_dom_users(SAMR_R_ENUM_DOM_USERS *r_u,
r_u->num_entries2 = num_sam_entries;
r_u->num_entries3 = num_sam_entries;
+ ASSERT_ARRAY(r_u->sam, num_sam_entries);
+ ASSERT_ARRAY(r_u->uni_acct_name, num_sam_entries);
+
for (i = 0; i < num_sam_entries; i++)
{
make_sam_entry(&(r_u->sam[i]),
@@ -780,12 +785,16 @@ void samr_io_r_enum_dom_users(char *desc, SAMR_R_ENUM_DOM_USERS *r_u, prs_struc
prs_uint32("ptr_entries2", ps, depth, &(r_u->ptr_entries2));
prs_uint32("num_entries3", ps, depth, &(r_u->num_entries3));
+ ASSERT_ARRAY(r_u->sam, r_u->num_entries2);
+
for (i = 0; i < r_u->num_entries2; i++)
{
prs_grow(ps);
sam_io_sam_entry("", &(r_u->sam[i]), ps, depth);
}
+ ASSERT_ARRAY(r_u->uni_acct_name, r_u->num_entries2);
+
for (i = 0; i < r_u->num_entries2; i++)
{
prs_grow(ps);
@@ -867,6 +876,8 @@ void make_samr_r_enum_dom_aliases(SAMR_R_ENUM_DOM_ALIASES *r_u,
r_u->ptr_entries2 = 1;
r_u->num_entries3 = num_sam_entries;
+ ASSERT_ARRAY(r_u->sam, num_sam_entries);
+
for (i = 0; i < num_sam_entries; i++)
{
make_sam_entry(&(r_u->sam[i]),
@@ -909,6 +920,8 @@ void samr_io_r_enum_dom_aliases(char *desc, SAMR_R_ENUM_DOM_ALIASES *r_u, prs_s
prs_uint32("ptr_entries2", ps, depth, &(r_u->ptr_entries2));
prs_uint32("num_entries3", ps, depth, &(r_u->num_entries3));
+ ASSERT_ARRAY(r_u->sam, r_u->num_entries);
+
for (i = 0; i < r_u->num_entries; i++)
{
sam_io_sam_entry("", &(r_u->sam[i]), ps, depth);
@@ -1036,6 +1049,8 @@ void sam_io_sam_info_2(char *desc, SAM_INFO_2 *sam, prs_struct *ps, int depth)
prs_uint32("num_entries2 ", ps, depth, &(sam->num_entries2 ));
+ ASSERT_ARRAY(sam->sam, sam->num_entries);
+
for (i = 0; i < sam->num_entries; i++)
{
sam_io_sam_entry2("", &(sam->sam[i]), ps, depth);
@@ -1117,6 +1132,8 @@ void sam_io_sam_info_1(char *desc, SAM_INFO_1 *sam, prs_struct *ps, int depth)
prs_uint32("num_entries2 ", ps, depth, &(sam->num_entries2 ));
+ ASSERT_ARRAY(sam->sam, sam->num_entries);
+
for (i = 0; i < sam->num_entries; i++)
{
sam_io_sam_entry1("", &(sam->sam[i]), ps, depth);
@@ -1333,6 +1350,8 @@ void samr_io_r_enum_dom_groups(char *desc, SAMR_R_ENUM_DOM_GROUPS *r_u, prs_str
prs_uint32("num_entries2 ", ps, depth, &(r_u->num_entries2 ));
+ ASSERT_ARRAY(r_u->sam, r_u->num_entries);
+
for (i = 0; i < r_u->num_entries; i++)
{
sam_io_sam_entry3("", &(r_u->sam[i]), ps, depth);
@@ -1495,6 +1514,8 @@ void samr_io_q_lookup_ids(char *desc, SAMR_Q_LOOKUP_IDS *q_u, prs_struct *ps, i
prs_uint32("ptr ", ps, depth, &(q_u->ptr ));
prs_uint32("num_sids2", ps, depth, &(q_u->num_sids2));
+ ASSERT_ARRAY(q_u->ptr_sid, q_u->num_sids2);
+
for (i = 0; i < q_u->num_sids2; i++)
{
slprintf(tmp, sizeof(tmp) - 1, "ptr[%02d]", i);
@@ -1531,6 +1552,8 @@ void make_samr_r_lookup_ids(SAMR_R_LOOKUP_IDS *r_u,
r_u->ptr = 1;
r_u->num_entries2 = num_rids;
+ ASSERT_ARRAY(r_u->rid, num_rids);
+
for (i = 0; i < num_rids; i++)
{
r_u->rid[i] = rid[i];
@@ -1566,6 +1589,7 @@ void samr_io_r_lookup_ids(char *desc, SAMR_R_LOOKUP_IDS *r_u, prs_struct *ps, i
if (r_u->num_entries != 0)
{
+ ASSERT_ARRAY(r_u->rid, r_u->num_entries2);
for (i = 0; i < r_u->num_entries2; i++)
{
@@ -1599,6 +1623,8 @@ void samr_io_q_lookup_names(char *desc, SAMR_Q_LOOKUP_NAMES *q_u, prs_struct *p
prs_uint32("ptr ", ps, depth, &(q_u->ptr ));
prs_uint32("num_rids2", ps, depth, &(q_u->num_rids2));
+ ASSERT_ARRAY(q_u->hdr_user_name, q_u->num_rids2);
+
for (i = 0; i < q_u->num_rids2; i++)
{
smb_io_unihdr ("", &(q_u->hdr_user_name[i]), ps, depth);
@@ -1629,6 +1655,8 @@ void make_samr_r_lookup_names(SAMR_R_LOOKUP_NAMES *r_u,
r_u->undoc_buffer = 1;
r_u->num_entries2 = num_rids;
+ ASSERT_ARRAY(r_u->dom_rid, num_rids);
+
for (i = 0; i < num_rids; i++)
{
make_dom_rid3(&(r_u->dom_rid[i]), rid[i]);
@@ -1666,6 +1694,8 @@ void samr_io_r_lookup_names(char *desc, SAMR_R_LOOKUP_NAMES *r_u, prs_struct *p
if (r_u->num_entries != 0)
{
+ ASSERT_ARRAY(r_u->dom_rid, r_u->num_entries2);
+
for (i = 0; i < r_u->num_entries2; i++)
{
smb_io_dom_rid3("", &(r_u->dom_rid[i]), ps, depth);
@@ -1697,6 +1727,8 @@ void make_samr_q_unknown_12(SAMR_Q_UNKNOWN_12 *q_u,
q_u->ptr = 0;
q_u->num_gids2 = num_gids;
+ ASSERT_ARRAY(q_u->gid, num_gids);
+
for (i = 0; i < num_gids; i++)
{
q_u->gid[i] = gid[i];
@@ -1726,6 +1758,8 @@ void samr_io_q_unknown_12(char *desc, SAMR_Q_UNKNOWN_12 *q_u, prs_struct *ps, i
prs_uint32("ptr ", ps, depth, &(q_u->ptr ));
prs_uint32("num_gids2", ps, depth, &(q_u->num_gids2));
+ ASSERT_ARRAY(q_u->gid, q_u->num_gids2);
+
for (i = 0; i < q_u->num_gids2; i++)
{
slprintf(tmp, sizeof(tmp) - 1, "gid[%02d] ", i);
@@ -1758,6 +1792,8 @@ void make_samr_r_unknown_12(SAMR_R_UNKNOWN_12 *r_u,
r_u->ptr_als_usrs = 1;
r_u->num_als_usrs2 = num_aliases;
+ ASSERT_ARRAY(r_u->hdr_als_name, num_aliases);
+
for (i = 0; i < num_aliases; i++)
{
int als_len = als_name[i] != NULL ? strlen(als_name[i]) : 0;
@@ -1800,6 +1836,8 @@ void samr_io_r_unknown_12(char *desc, SAMR_R_UNKNOWN_12 *r_u, prs_struct *ps, i
if (r_u->ptr_aliases != 0 && r_u->num_aliases1 != 0)
{
+ ASSERT_ARRAY(r_u->hdr_als_name, r_u->num_aliases2);
+
for (i = 0; i < r_u->num_aliases2; i++)
{
slprintf(tmp, sizeof(tmp) - 1, "als_hdr[%02d] ", i);
@@ -1820,6 +1858,8 @@ void samr_io_r_unknown_12(char *desc, SAMR_R_UNKNOWN_12 *r_u, prs_struct *ps, i
if (r_u->ptr_als_usrs != 0 && r_u->num_als_usrs1 != 0)
{
+ ASSERT_ARRAY(r_u->num_als_usrs, r_u->num_als_usrs2);
+
for (i = 0; i < r_u->num_als_usrs2; i++)
{
slprintf(tmp, sizeof(tmp) - 1, "als_usrs[%02d] ", i);
@@ -1980,6 +2020,8 @@ void samr_io_r_query_usergroups(char *desc, SAMR_R_QUERY_USERGROUPS *r_u, prs_s
{
prs_uint32("num_entries2", ps, depth, &(r_u->num_entries2));
+ ASSERT_ARRAY(r_u->gid, r_u->num_entries2);
+
for (i = 0; i < r_u->num_entries2; i++)
{
smb_io_gid("", &(r_u->gid[i]), ps, depth);
diff --git a/source/rpc_parse/parse_srv.c b/source/rpc_parse/parse_srv.c
index 72cc34da9ee..44e3ef827bf 100644
--- a/source/rpc_parse/parse_srv.c
+++ b/source/rpc_parse/parse_srv.c
@@ -114,6 +114,8 @@ void srv_io_srv_share_info_1(char *desc, SRV_SHARE_INFO_1 *ctr, prs_struct *ps,
prs_uint32("num_entries_read2", ps, depth, &(ctr->num_entries_read2));
+ ASSERT_ARRAY(ctr->info_1, num_entries);
+
for (i = 0; i < num_entries; i++)
{
prs_grow(ps);
@@ -236,6 +238,8 @@ void srv_io_srv_share_info_2(char *desc, SRV_SHARE_INFO_2 *ctr, prs_struct *ps,
prs_uint32("num_entries_read2", ps, depth, &(ctr->num_entries_read2));
+ ASSERT_ARRAY(ctr->info_2, num_entries);
+
for (i = 0; i < num_entries; i++)
{
prs_grow(ps);
@@ -447,6 +451,8 @@ void srv_io_srv_sess_info_0(char *desc, SRV_SESS_INFO_0 *ss0, prs_struct *ps, i
prs_uint32("num_entries_read2", ps, depth, &(ss0->num_entries_read2));
+ ASSERT_ARRAY(ss0->info_0, num_entries);
+
for (i = 0; i < num_entries; i++)
{
prs_grow(ps);
@@ -560,6 +566,8 @@ void srv_io_srv_sess_info_1(char *desc, SRV_SESS_INFO_1 *ss1, prs_struct *ps, i
prs_uint32("num_entries_read2", ps, depth, &(ss1->num_entries_read2));
+ ASSERT_ARRAY(ss1->info_1, num_entries);
+
for (i = 0; i < num_entries; i++)
{
prs_grow(ps);