[SAMSRV]

Use a common routine to check all account names. svn path=/trunk/; revision=59594
2025-01-05 22:12:46 +00:00 · 2013-07-28 22:18:42 +00:00 · 2013-07-28 22:18:42 +00:00 · 9dcb3faa30
commit 9dcb3faa30
parent f48c0269df
3 changed files with 65 additions and 6 deletions
--- a/reactos/dll/win32/samsrv/samrpc.c
+++ b/reactos/dll/win32/samsrv/samrpc.c
@ -1756,6 +1756,14 @@ SamrCreateGroupInDomain(IN SAMPR_HANDLE DomainHandle,
        return Status;
    }

+    /* Check the group account name */
+    Status = SampCheckAccountName(Name, 256);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCheckAccountName failed (Status 0x%08lx)\n", Status);
+        return Status;
+    }
+
    /* Check if the group name already exists in the domain */
    Status = SampCheckAccountNameInDomain(DomainObject,
                                          Name->Buffer);
@ -2128,10 +2136,12 @@ SamrCreateUserInDomain(IN SAMPR_HANDLE DomainHandle,
        return Status;
    }

-    if (Name->Length > 20 * sizeof(WCHAR))
+    /* Check the user account name */
+    Status = SampCheckAccountName(Name, 20);
+    if (!NT_SUCCESS(Status))
    {
-        TRACE("User name is too long!\n");
-        return STATUS_INVALID_ACCOUNT_NAME;
+        TRACE("SampCheckAccountName failed (Status 0x%08lx)\n", Status);
+        return Status;
    }

    /* Check if the user name already exists in the domain */
@ -2691,6 +2701,14 @@ SamrCreateAliasInDomain(IN SAMPR_HANDLE DomainHandle,
        return Status;
    }

+    /* Check the alias acoount name */
+    Status = SampCheckAccountName(AccountName, 256);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCheckAccountName failed (Status 0x%08lx)\n", Status);
+        return Status;
+    }
+
    /* Check if the alias name already exists in the domain */
    Status = SampCheckAccountNameInDomain(DomainObject,
                                          AccountName->Buffer);
@ -3985,6 +4003,14 @@ SampSetGroupName(PSAM_DB_OBJECT GroupObject,
        goto done;
    }

+    /* Check the new account name */
+    Status = SampCheckAccountName(&Buffer->Name.Name, 256);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCheckAccountName failed (Status 0x%08lx)\n", Status);
+        return Status;
+    }
+
    NewGroupName.Length = Buffer->Name.Name.Length;
    NewGroupName.MaximumLength = Buffer->Name.Name.MaximumLength;
    NewGroupName.Buffer = Buffer->Name.Name.Buffer;
@ -4712,6 +4738,14 @@ SampSetAliasName(PSAM_DB_OBJECT AliasObject,
        goto done;
    }

+    /* Check the new account name */
+    Status = SampCheckAccountName(&Buffer->Name.Name, 256);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCheckAccountName failed (Status 0x%08lx)\n", Status);
+        return Status;
+    }
+
    NewAliasName.Length = Buffer->Name.Name.Length;
    NewAliasName.MaximumLength = Buffer->Name.Name.MaximumLength;
    NewAliasName.Buffer = Buffer->Name.Name.Buffer;
@ -6764,6 +6798,14 @@ SampSetUserName(PSAM_DB_OBJECT UserObject,
    UNICODE_STRING OldUserName = {0, 0, NULL};
    NTSTATUS Status;

+    /* Check the account name */
+    Status = SampCheckAccountName(NewUserName, 20);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SampCheckAccountName failed (Status 0x%08lx)\n", Status);
+        return Status;
+    }
+
    Status = SampGetObjectAttributeString(UserObject,
                                          L"Name",
                                          (PRPC_UNICODE_STRING)&OldUserName);
@ -8097,10 +8139,12 @@ SamrCreateUser2InDomain(IN SAMPR_HANDLE DomainHandle,
        return Status;
    }

-    if (Name->Length > 20 * sizeof(WCHAR))
+    /* Check the user account name */
+    Status = SampCheckAccountName(Name, 20);
+    if (!NT_SUCCESS(Status))
    {
-        TRACE("User name is too long!\n");
-        return STATUS_INVALID_ACCOUNT_NAME;
+        TRACE("SampCheckAccountName failed (Status 0x%08lx)\n", Status);
+        return Status;
    }

    /* Check if the user name already exists in the domain */
--- a/reactos/dll/win32/samsrv/samsrv.h
+++ b/reactos/dll/win32/samsrv/samsrv.h
@ -388,6 +388,10 @@ NTSTATUS
 SampGetRidFromSid(IN PSID Sid,
                  OUT PULONG Rid);

+NTSTATUS
+SampCheckAccountName(IN PRPC_UNICODE_STRING AccountName,
+                     IN USHORT MaxLength);
+

 /* Undocumented advapi32 functions */

--- a/reactos/dll/win32/samsrv/utils.c
+++ b/reactos/dll/win32/samsrv/utils.c
@ -155,4 +155,15 @@ SampGetRidFromSid(IN PSID Sid,
    return STATUS_SUCCESS;
 }

+
+NTSTATUS
+SampCheckAccountName(IN PRPC_UNICODE_STRING AccountName,
+                     IN USHORT MaxLength)
+{
+    if (AccountName->Length > MaxLength * sizeof(WCHAR))
+        return STATUS_INVALID_ACCOUNT_NAME;
+
+    return STATUS_SUCCESS;
+}
+
 /* EOF */