From ce67c71d32e1daf5abaf1852088c16b1cb2f8cd8 Mon Sep 17 00:00:00 2001 From: Douglas Bagnall Date: Fri, 2 Aug 2019 23:36:11 +1200 Subject: [PATCH] py_security: don't crash on dacl_add() $ PYTHONPATH=bin/python python3 -c'from samba.dcerpc import security;security.descriptor().dacl_add(1)' would crash. We need to check the type of the argument. Signed-off-by: Douglas Bagnall --- source4/librpc/ndr/py_security.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/source4/librpc/ndr/py_security.c b/source4/librpc/ndr/py_security.c index 26989c1a433..750fb54fd4e 100644 --- a/source4/librpc/ndr/py_security.c +++ b/source4/librpc/ndr/py_security.c @@ -195,8 +195,13 @@ static PyObject *py_descriptor_dacl_add(PyObject *self, PyObject *args) if (!PyArg_ParseTuple(args, "O", &py_ace)) return NULL; - ace = pytalloc_get_ptr(py_ace); - + ace = pytalloc_get_type(py_ace, struct security_ace); + if (ace == NULL) { + PyErr_Format(PyExc_TypeError, + "Expected security ACE object, not %s", + pytalloc_get_name(py_ace)); + return NULL; + } status = security_descriptor_dacl_add(desc, ace); PyErr_NTSTATUS_IS_ERR_RAISE(status); Py_RETURN_NONE; -- 2.20.1