Calling as_sddl with a bad parameter type produce a segfault Program received signal SIGSEGV, Segmentation fault. 0xb4989012 in dom_sid_in_domain (domain_sid=0x4b79f19c, sid=0x89f08a8) at ../libcli/security/dom_sid.c:268 268 if (domain_sid->num_auths > sid->num_auths) { (gdb) bt #0 0xb4989012 in dom_sid_in_domain (domain_sid=0x4b79f19c, sid=0x89f08a8) at ../libcli/security/dom_sid.c:268 #1 0xb49882b0 in sddl_encode_sid (mem_ctx=0x89f0a88, sid=0x89f08a8, domain_sid=0x4b79f19c) at libcli/security/sddl.c:468 #2 0xb498877d in sddl_encode (mem_ctx=0x0, sd=0x89f07f8, domain_sid=0x4b79f19c) at libcli/security/sddl.c:586 #3 0xb442a720 in py_descriptor_as_sddl (self=0xb7d73360, args=0xb7c508cc) at ./librpc/ndr/py_security.c:206 #4 0x080de562 in PyEval_EvalFrameEx () #5 0x080e00b8 in PyEval_EvalCodeEx () #6 0x080e0217 in PyEval_EvalCode () #7 0x080fe0e1 in PyRun_FileExFlags () #8 0x080fe43a in PyRun_SimpleFileExFlags () #9 0x0805c882 in Py_Main () #10 0x0805b972 in main ()
Created attachment 4689 [details] Test case for this bug
This problem isn't such easy to fix: It's due to "py_talloc_get_ptr". This is a macro which gets the pointer attribute "ptr" from a "PyObject" object. And nothing more - so no type check is going to be performed (consider pytalloc.h line 42). To fix this (it's a far bigger problem - there isn't only affected the mentioned call) we would have to do quite some work. I personally don't know if it's worth the effort to generate a python exception, since SIGSEGVs are basically a form of C exceptions; they mean that something went wrong. So I'd vote for a "WONTFIX" and live with the type problems. But I'd like to see also Jelmer's comment here.
Created attachment 4713 [details] Patch for the pb
Thanks for this wonderful patch. Didn't know that there exists such an elegant idea/approach (I personally am not such skilled in python). Merged to master!