[reactos] 01/01: [SAMLIB] Check the server name in the binding routine - Ros-diffs

19 Jun 2021

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=be65a8568bba1ff336c5d4...
commit be65a8568bba1ff336c5d4ec330b10b0d8b462ae
Author:     Eric Kohl eric.kohl@reactos.org
AuthorDate: Sat Jun 19 21:51:06 2021 +0200
Commit:     Eric Kohl eric.kohl@reactos.org
CommitDate: Sat Jun 19 21:51:06 2021 +0200
[SAMLIB] Check the server name in the binding routine
---
 dll/win32/samlib/samlib.c | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/dll/win32/samlib/samlib.c b/dll/win32/samlib/samlib.c
index d5414d664b5..7237a874d12 100644
--- a/dll/win32/samlib/samlib.c
+++ b/dll/win32/samlib/samlib.c
@@ -77,6 +77,27 @@ PSAMPR_SERVER_NAME_bind(PSAMPR_SERVER_NAME pszSystemName)
TRACE("PSAMPR_SERVER_NAME_bind(%S)\n", pszSystemName);
+    /* Check the server name prefix and server name length */
+    if (pszSystemName != NULL)
+    {
+        int nLength = wcslen(pszSystemName);
+        int nNameLength = nLength;
+
+        if (nLength >= 1 && pszSystemName[0] == L'\')
+            nNameLength--;
+
+        if (nLength >= 2 && pszSystemName[1] == L'\')
+            nNameLength--;
+
+        if (((nLength - nNameLength != 0) &&
+             (nLength - nNameLength != 2)) ||
+            (nNameLength == 0))
+        {
+            WARN("Invalid server name %S", pszSystemName);
+            RpcRaiseException(STATUS_OBJECT_NAME_INVALID);
+        }
+    }
+
     status = RpcStringBindingComposeW(NULL,
                                       L"ncacn_np",
                                       pszSystemName,

    