If we get a SID that contains more than 15 subauthorities, we'll end up overrunning the struct wbcDomainSid. Just ignore any past 15.
Signed-off-by: Jeff Layton <[email protected]> --- getcifsacl.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/getcifsacl.c b/getcifsacl.c index 256b2ad..3f94a99 100644 --- a/getcifsacl.c +++ b/getcifsacl.c @@ -180,12 +180,14 @@ static void csid_to_wsid(struct wbcDomainSid *wsid, const struct cifs_sid *csid) { int i; + uint8_t num_subauth = (csid->num_subauth <= WBC_MAXSUBAUTHS) ? + csid->num_subauth : WBC_MAXSUBAUTHS; wsid->sid_rev_num = csid->revision; - wsid->num_auths = csid->num_subauth; + wsid->num_auths = num_subauth; for (i = 0; i < NUM_AUTHS; i++) wsid->id_auth[i] = csid->authority[i]; - for (i = 0; i < csid->num_subauth; i++) + for (i = 0; i < num_subauth; i++) wsid->sub_auths[i] = le32toh(csid->sub_auth[i]); } -- 1.7.11.7 -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
