Fix bug #7669.

[metze/samba/wip.git] / source3 / lib / util_sid.c

diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c
index 97284afae743f39d44f9138db6787c6e6dcced01..130e257bdd3858d45021023bf1df1c186274c7cb 100644 (file)
--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@@ -408,6 +408,9 @@ bool sid_parse(const char *inbuf, size_t len, DOM_SID *sid)
 
        sid->sid_rev_num = CVAL(inbuf, 0);
        sid->num_auths = CVAL(inbuf, 1);
+       if (sid->num_auths > MAXSUBAUTHS) {
+               return false;
+       }
        memcpy(sid->id_auth, inbuf+2, 6);
        if (len < 8 + sid->num_auths*4)
                return False;
@@ -467,6 +470,35 @@ int sid_compare(const DOM_SID *sid1, const DOM_SID *sid2)
        return sid_compare_auth(sid1, sid2);
 }
 
+int sid_compare_sort(const void *p1, const void *p2)
+{
+       const struct dom_sid *sid1 = (const struct dom_sid *)p1;
+       const struct dom_sid *sid2 = (const struct dom_sid *)p2;
+       int i, res;
+
+       if (sid1->sid_rev_num != sid2->sid_rev_num) {
+               return sid1->sid_rev_num - sid2->sid_rev_num;
+       }
+
+       for (i = 0; i < 6; i++) {
+               if (sid1->id_auth[i] != sid2->id_auth[i]) {
+                       return sid1->id_auth[i] - sid2->id_auth[i];
+               }
+       }
+
+       if (sid1->num_auths != sid2->num_auths) {
+               return sid1->num_auths - sid2->num_auths;
+       }
+
+       for (i = 0; i<sid1->num_auths; i++) {
+               if (sid1->sub_auths[i] != sid2->sub_auths[i]) {
+                       return sid1->sub_auths[i] - sid2->sub_auths[i];
+               }
+       }
+
+       return 0;
+}
+
 /*****************************************************************
  See if 2 SIDs are in the same domain
  this just compares the leading sub-auths