summaryrefslogtreecommitdiff
path: root/source3/rpc_client/cli_lsarpc.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/rpc_client/cli_lsarpc.c')
-rw-r--r--source3/rpc_client/cli_lsarpc.c18
1 files changed, 18 insertions, 0 deletions
diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c
index 7cadd6edac..974538b87b 100644
--- a/source3/rpc_client/cli_lsarpc.c
+++ b/source3/rpc_client/cli_lsarpc.c
@@ -662,9 +662,19 @@ NTSTATUS dcerpc_lsa_lookup_names_generic(struct dcerpc_binding_handle *h,
struct dom_sid *sid = &(*sids)[i];
if (use_lookupnames4) {
+ if (i >= sid_array3.count) {
+ *presult = NT_STATUS_INVALID_NETWORK_RESPONSE;
+ goto done;
+ }
+
dom_idx = sid_array3.sids[i].sid_index;
(*types)[i] = sid_array3.sids[i].sid_type;
} else {
+ if (i >= sid_array.count) {
+ *presult = NT_STATUS_INVALID_NETWORK_RESPONSE;
+ goto done;
+ }
+
dom_idx = sid_array.sids[i].sid_index;
(*types)[i] = sid_array.sids[i].sid_type;
}
@@ -677,6 +687,14 @@ NTSTATUS dcerpc_lsa_lookup_names_generic(struct dcerpc_binding_handle *h,
(*types)[i] = SID_NAME_UNKNOWN;
continue;
}
+ if (domains == NULL) {
+ *presult = NT_STATUS_INVALID_NETWORK_RESPONSE;
+ goto done;
+ }
+ if (dom_idx >= domains->count) {
+ *presult = NT_STATUS_INVALID_NETWORK_RESPONSE;
+ goto done;
+ }
if (use_lookupnames4) {
sid_copy(sid, sid_array3.sids[i].sid);
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-08 19:16:58 +0000