pidl/NDR/Parser: use ParseArrayPullGetLength() to get the number of array elements...

An anonymous researcher and Brian Gorenc (HP DVLabs) working
with HP's Zero Day Initiative program have found this and notified us.

metze

diff --git a/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm
index 285a05603e4d97a6ab0f29f88bf97c983caee6f8..e398cae9b68a93da205ed71341154e3afd9cfd2c 100644 (file)
--- a/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm
+++ b/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm
@@ -1111,14 +1111,10 @@ sub ParseElementPullLevel
                }
        } elsif ($l->{TYPE} eq "ARRAY" and 
                        not has_fast_array($e,$l) and not is_charset_array($e, $l)) {
-               my $length = ParseExpr($l->{LENGTH_IS}, $env, $e->{ORIGINAL});
+               my $length = $self->ParseArrayPullGetLength($e, $l, $ndr, $var_name, $env);
                my $counter = "cntr_$e->{NAME}_$l->{LEVEL_INDEX}";
                my $array_name = $var_name;
 
-               if ($l->{IS_VARYING}) {
-                       $length = "ndr_get_array_length($ndr, " . get_pointer_to($var_name) .")";
-               }
-
                if (my $range = has_property($e, "range")) {
                        my ($low, $high) = split(/,/, $range, 2);
                        if ($low < 0) {