Displaying 1 result from an estimated 1 matches for "infoxx".
2013 Aug 19
3
rpcclient netshareenum 502 causes SEGV
...um_entries," which
without looking into it might have been equivalent to "count."
It would seem to me that "totalentries" really has to be bounds checked
here else you can fall into this trap.
I know this is ugly, but couldn't something be done like
offsetof(ctr.share.infoXX, count) to verify that the array size and
total entries match? Or perhaps even better, check this bounds condition
during the NDR pull out unmarshalling code? (that is what I would vote for
since it puts less of a burden on the callee but there may be cases where
knowing the total entries vs wh...