[ekohl] 59594: [SAMSRV] Use a common routine to check all account names. - Ros-diffs

28 Jul 2013

Author: ekohl
Date: Sun Jul 28 22:18:42 2013
New Revision: 59594
URL: http://svn.reactos.org/svn/reactos?rev=59594&view=rev
Log:
[SAMSRV]
Use a common routine to check all account names.
Modified:
    trunk/reactos/dll/win32/samsrv/samrpc.c
    trunk/reactos/dll/win32/samsrv/samsrv.h
    trunk/reactos/dll/win32/samsrv/utils.c
Modified: trunk/reactos/dll/win32/samsrv/samrpc.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samsrv/samrpc.c?r...
==============================================================================

--- trunk/reactos/dll/win32/samsrv/samrpc.c	[iso-8859-1] (original)
+++ trunk/reactos/dll/win32/samsrv/samrpc.c	[iso-8859-1] Sun Jul 28 22:18:42 2013
@@ -1756,6 +1756,14 @@
         return Status;
     }
+    /* Check the group account name */
+    Status = SampCheckAccountName(Name, 256);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCheckAccountName failed (Status 0x%08lx)\n", Status);
+        return Status;
+    }
+
     /* Check if the group name already exists in the domain */
     Status = SampCheckAccountNameInDomain(DomainObject,
                                           Name->Buffer);
@@ -2128,10 +2136,12 @@
         return Status;
     }
-    if (Name->Length > 20 * sizeof(WCHAR))
-    {
-        TRACE("User name is too long!\n");
-        return STATUS_INVALID_ACCOUNT_NAME;
+    /* Check the user account name */
+    Status = SampCheckAccountName(Name, 20);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCheckAccountName failed (Status 0x%08lx)\n", Status);
+        return Status;
     }
/* Check if the user name already exists in the domain */
@@ -2691,6 +2701,14 @@
         return Status;
     }
+    /* Check the alias acoount name */
+    Status = SampCheckAccountName(AccountName, 256);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCheckAccountName failed (Status 0x%08lx)\n", Status);
+        return Status;
+    }
+
     /* Check if the alias name already exists in the domain */
     Status = SampCheckAccountNameInDomain(DomainObject,
                                           AccountName->Buffer);
@@ -3985,6 +4003,14 @@
         goto done;
     }
+    /* Check the new account name */
+    Status = SampCheckAccountName(&Buffer->Name.Name, 256);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCheckAccountName failed (Status 0x%08lx)\n", Status);
+        return Status;
+    }
+
     NewGroupName.Length = Buffer->Name.Name.Length;
     NewGroupName.MaximumLength = Buffer->Name.Name.MaximumLength;
     NewGroupName.Buffer = Buffer->Name.Name.Buffer;
@@ -4710,6 +4736,14 @@
     {
         TRACE("SampGetObjectAttributeString failed (Status 0x%08lx)\n", Status);
         goto done;
+    }
+
+    /* Check the new account name */
+    Status = SampCheckAccountName(&Buffer->Name.Name, 256);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCheckAccountName failed (Status 0x%08lx)\n", Status);
+        return Status;
     }
NewAliasName.Length = Buffer->Name.Name.Length;
@@ -6763,6 +6797,14 @@
 {
     UNICODE_STRING OldUserName = {0, 0, NULL};
     NTSTATUS Status;
+
+    /* Check the account name */
+    Status = SampCheckAccountName(NewUserName, 20);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCheckAccountName failed (Status 0x%08lx)\n", Status);
+        return Status;
+    }
Status = SampGetObjectAttributeString(UserObject,
                                           L"Name",
@@ -8097,10 +8139,12 @@
         return Status;
     }
-    if (Name->Length > 20 * sizeof(WCHAR))
-    {
-        TRACE("User name is too long!\n");
-        return STATUS_INVALID_ACCOUNT_NAME;
+    /* Check the user account name */
+    Status = SampCheckAccountName(Name, 20);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCheckAccountName failed (Status 0x%08lx)\n", Status);
+        return Status;
     }
/* Check if the user name already exists in the domain */
Modified: trunk/reactos/dll/win32/samsrv/samsrv.h
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samsrv/samsrv.h?r...
==============================================================================
--- trunk/reactos/dll/win32/samsrv/samsrv.h	[iso-8859-1] (original)
+++ trunk/reactos/dll/win32/samsrv/samsrv.h	[iso-8859-1] Sun Jul 28 22:18:42 2013
@@ -388,6 +388,10 @@
 SampGetRidFromSid(IN PSID Sid,
                   OUT PULONG Rid);
+NTSTATUS
+SampCheckAccountName(IN PRPC_UNICODE_STRING AccountName,
+                     IN USHORT MaxLength);
+
/* Undocumented advapi32 functions */
Modified: trunk/reactos/dll/win32/samsrv/utils.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samsrv/utils.c?re...
==============================================================================
--- trunk/reactos/dll/win32/samsrv/utils.c	[iso-8859-1] (original)
+++ trunk/reactos/dll/win32/samsrv/utils.c	[iso-8859-1] Sun Jul 28 22:18:42 2013
@@ -155,4 +155,15 @@
     return STATUS_SUCCESS;
 }
+
+NTSTATUS
+SampCheckAccountName(IN PRPC_UNICODE_STRING AccountName,
+                     IN USHORT MaxLength)
+{
+    if (AccountName->Length > MaxLength * sizeof(WCHAR))
+        return STATUS_INVALID_ACCOUNT_NAME;
+
+    return STATUS_SUCCESS;
+}
+
 /* EOF */

    