From ff56f83c0c8874486239172b4c0cc6549e09dca0 Mon Sep 17 00:00:00 2001 From: Douglas Bagnall Date: Thu, 30 Jul 2020 17:21:22 +1200 Subject: [PATCH] idl: fix witness IPaddrInfo struct These are inline values of fixed size; ipv{4,6}address indicates a pointer to a string representation. See [MS-SWN] 2.2.2.1 https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-swn/eca3e933-07fe-42e6-8ddf-5fc5523210db Credit to OSS-Fuzz. REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22175&q=label%3AProj-samba Signed-off-by: Douglas Bagnall --- librpc/idl/witness.idl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/librpc/idl/witness.idl b/librpc/idl/witness.idl index e230a5ea709..ea738c5c0e9 100644 --- a/librpc/idl/witness.idl +++ b/librpc/idl/witness.idl @@ -100,8 +100,8 @@ interface witness typedef [flag(NDR_NOALIGN|NDR_LITTLE_ENDIAN),gensize] struct { witness_IPaddrInfo_flags flags; - [flag(NDR_BIG_ENDIAN)] ipv4address ipv4; - [flag(NDR_BIG_ENDIAN)] ipv6address ipv6; + [flag(NDR_BIG_ENDIAN)] uint8 ipv4[4]; + [flag(NDR_BIG_ENDIAN)] uint8 ipv6[16]; } witness_IPaddrInfo; typedef [flag(NDR_NOALIGN|NDR_LITTLE_ENDIAN)] struct { -- 2.25.1