libcli/security/dom_sid: hex but not octal is OK for sub-auth

Following Windows, the numbers that would be octal (e.g. "0123") are
converted to decimal by skipping over the zeros.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/libcli/security/dom_sid.c b/libcli/security/dom_sid.c
index d0f90c29a798acc04b852d95e669ccdc074998c3..89f2daba0cb7dbf668cdeb1d3d2884f3d9dee6b1 100644 (file)
--- a/libcli/security/dom_sid.c
+++ b/libcli/security/dom_sid.c
@@ -202,8 +202,15 @@ bool dom_sid_parse_endp(const char *sidstr,struct dom_sid *sidout,
                if (!isdigit(*q)) {
                        goto format_error;
                }
-
-               conv = smb_strtoull(q, &end, 10, &error, SMB_STR_STANDARD);
+               while (q[0] == '0' && isdigit((unsigned char)q[1])) {
+                       /*
+                        * strtoull will think this is octal, which is not how
+                        * SIDs work! So let's walk along until there are no
+                        * leading zeros (or a single zero).
+                        */
+                       q++;
+               }
+               conv = smb_strtoull(q, &end, 0, &error, SMB_STR_STANDARD);
                if (conv > UINT32_MAX || error != 0 || end - q > 12) {
                        /*
                         * This sub-auth is greater than 4294967295,

diff --git a/selftest/knownfail.d/sid-strings b/selftest/knownfail.d/sid-strings
index 5392e54deafb5d11b9990cfd1f349be2a4825607..4fc0e4127b96b7d27135e2399fddcb76ae1beed2 100644 (file)
--- a/selftest/knownfail.d/sid-strings
+++ b/selftest/knownfail.d/sid-strings
@@ -50,12 +50,16 @@
 ^samba.tests.sid_strings.+.SidStringTests.test_sid_string_internal_aA.ad_dc
 ^samba.tests.sid_strings.+.SidStringTests.test_sid_string_internal_aa.ad_dc
 ^samba.tests.sid_strings.+.SidStringsAsDnInSearchBase.test_sid_string_S-0-5-32-579.ad_dc
+^samba.tests.sid_strings.+.SidStringsAsDnInSearchBase.test_sid_string_S-1-0x500000000-0x500000000-579.ad_dc
+^samba.tests.sid_strings.+.SidStringsAsDnInSearchBase.test_sid_string_S-1-0xABcDef123-0xABCDef123-579.ad_dc
 ^samba.tests.sid_strings.+.SidStringsAsDnInSearchBase.test_sid_string_S-1-3-0.ad_dc
 ^samba.tests.sid_strings.+.SidStringsAsDnInSearchBase.test_sid_string_S-1-5-3.2-579.ad_dc
 ^samba.tests.sid_strings.+.SidStringsAsDnInSearchBase.test_sid_string_S-10-5-32-579.ad_dc
 ^samba.tests.sid_strings.+.SidStringsAsDnInSearchBase.test_sid_string_S-2-5-32-579.ad_dc
 ^samba.tests.sid_strings.+.SidStringsAsDnSearchWithDnObject.test_sid_string_S-0-5-32-579.ad_dc
 ^samba.tests.sid_strings.+.SidStringsAsDnSearchWithDnObject.test_sid_string_S-1-0x05-32-579.ad_dc
+^samba.tests.sid_strings.+.SidStringsAsDnSearchWithDnObject.test_sid_string_S-1-0x500000000-0x500000000-579.ad_dc
+^samba.tests.sid_strings.+.SidStringsAsDnSearchWithDnObject.test_sid_string_S-1-0xABcDef123-0xABCDef123-579.ad_dc
 ^samba.tests.sid_strings.+.SidStringsAsDnSearchWithDnObject.test_sid_string_S-1-3-0.ad_dc
 ^samba.tests.sid_strings.+.SidStringsAsDnSearchWithDnObject.test_sid_string_S-1-5-3.2-579.ad_dc
 ^samba.tests.sid_strings.+.SidStringsAsDnSearchWithDnObject.test_sid_string_S-10-5-32-579.ad_dc
@@ -72,7 +76,6 @@
 ^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_S-1-22.ad_dc
 ^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_S-1-281474976710656-579.ad_dc
 ^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_S-1-5-0x20-579.ad_dc
-^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_S-1-5-20-00000000000243.ad_dc
 ^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_S-1-5-3.2-579.ad_dc
 ^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_S-1-5-32--579.ad_dc
 ^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_S-1-5-32-.579.ad_dc
@@ -88,6 +91,5 @@
 ^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_internal_S-1-0xABcDef123-0xABCDef-579.ad_dc
 ^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_internal_S-1-22.ad_dc
 ^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_internal_S-1-5-0x20-579.ad_dc
-^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_internal_S-1-5-20-00000000000243.ad_dc
 ^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_internal_s-1-5-32-579.ad_dc
 ^samba.tests.sid_strings.+.SidStringsThatStartWithS.test_sid_string_s-1-5-32-579.ad_dc