s4/dsdb: Use dsdb_schema_info object to verify schema_info blobs

diff --git a/source4/dsdb/schema/schema_init.c b/source4/dsdb/schema/schema_init.c
index c7fcdaecdcd75207a500a72409573c94cc767f12..2f9abea303654f5ea942da14ab27eb3b96491806 100644 (file)
--- a/source4/dsdb/schema/schema_init.c
+++ b/source4/dsdb/schema/schema_init.c
@@ -104,27 +104,24 @@ WERROR dsdb_load_oid_mappings_ldb(struct dsdb_schema *schema,
                                  const struct ldb_val *prefixMap,
                                  const struct ldb_val *schemaInfo)
 {
-       WERROR status;
+       WERROR werr;
        const char *schema_info;
        struct dsdb_schema_prefixmap *pfm;
+       struct dsdb_schema_info *schi;
        TALLOC_CTX *mem_ctx;
 
-       /* verify input params */
-       if (schemaInfo->length != 21) {
-               return WERR_INVALID_PARAMETER;
-       }
-       if (schemaInfo->data[0] != 0xFF) {
-               return WERR_INVALID_PARAMETER;
-       }
-
        mem_ctx = talloc_new(schema);
        W_ERROR_HAVE_NO_MEMORY(mem_ctx);
 
+       /* parse schemaInfo blob to verify it is valid */
+       werr = dsdb_schema_info_from_blob(schemaInfo, mem_ctx, &schi);
+       W_ERROR_NOT_OK_GOTO(werr, DONE);
+
        /* fetch prefixMap */
-       status = _dsdb_prefixmap_from_ldb_val(prefixMap,
-                                             schema->iconv_convenience,
-                                             mem_ctx, &pfm);
-       W_ERROR_NOT_OK_RETURN(status);
+       werr = _dsdb_prefixmap_from_ldb_val(prefixMap,
+                                           schema->iconv_convenience,
+                                           mem_ctx, &pfm);
+       W_ERROR_NOT_OK_GOTO(werr, DONE);
 
        /* decode schema_info */
        schema_info = hex_encode_talloc(mem_ctx,
@@ -142,10 +139,11 @@ WERROR dsdb_load_oid_mappings_ldb(struct dsdb_schema *schema,
        talloc_free(discard_const(schema->schema_info));
        schema->schema_info = talloc_steal(schema, schema_info);
 
+DONE:
        /* clean up locally allocated mem */
        talloc_free(mem_ctx);
 
-       return WERR_OK;
+       return werr;
 }
 
 WERROR dsdb_get_oid_mappings_drsuapi(const struct dsdb_schema *schema,

diff --git a/source4/dsdb/schema/schema_prefixmap.c b/source4/dsdb/schema/schema_prefixmap.c
index 0ed078fa32f4747306b470604ccd77bbc3e4fca0..50f74b71618daecb025205c5527eab0d1f62916d 100644 (file)
--- a/source4/dsdb/schema/schema_prefixmap.c
+++ b/source4/dsdb/schema/schema_prefixmap.c
@@ -393,22 +393,23 @@ static WERROR _dsdb_drsuapi_pfm_verify(const struct drsuapi_DsReplicaOIDMapping_
        num_mappings = ctr->num_mappings;
 
        if (have_schema_info) {
+               DATA_BLOB blob;
+               struct dsdb_schema_info *schi = NULL;
+
                if (ctr->num_mappings < 2) {
                        return WERR_INVALID_PARAMETER;
                }
 
                /* check last entry for being special */
                mapping = &ctr->mappings[ctr->num_mappings - 1];
-               if (!mapping->oid.binary_oid) {
-                       return WERR_INVALID_PARAMETER;
-               }
                if (mapping->id_prefix != 0) {
                        return WERR_INVALID_PARAMETER;
                }
-               if (mapping->oid.length != 21) {
-                       return WERR_INVALID_PARAMETER;
-               }
-               if (*mapping->oid.binary_oid != 0xFF) {
+
+               /* parse schemaInfo blob to verify it is valid */
+               blob = data_blob_const(mapping->oid.binary_oid, mapping->oid.length);
+               if (!W_ERROR_IS_OK(dsdb_schema_info_from_blob(&blob, talloc_autofree_context(), &schi))) {
+                       talloc_free(schi);
                        return WERR_INVALID_PARAMETER;
                }