Provide complete information about the problem
-
Version of JNA and related jars
JNA version 5.2.0 - jna-5.2.0.jar and jna-platform-5.2.0.jar
-
Version and vendor of the java virtual machine
java version "1.8.0_181"
Java(TM) SE Runtime Environment (build 1.8.0_181-b13)
Java HotSpot(TM) 64-Bit Server VM (build 25.181-b13, mixed mode)
-
Operating system
Windows 10
-
System architecture (CPU type, bitness of the JVM)
Xeon X3430 @ 2,40GHz and 64 bit JVM
-
Complete description of the problem
The bug was discovered in the getUserLocalGroups method under Netapi32Util.java. When running in Line 369:
LOCALGROUP_USERS_INFO_0[] lgroups = (LOCALGROUP_USERS_INFO_0[]) lgroup.toArray(entriesread.getValue()) where entriesread.getValue() has a zero value. In the other word, it essentially sends 0 to Structure#toArray, which it then throws an ArrayIndexOutOfBoundsException exception, because the array size is zero.
- Steps to reproduce.
I try to be as simple as possible. Only 2 lines need to be added.
1 - Add if (entriesread.getValue() > 0) before LOCALGROUP_USERS_INFO_0 lgroup = new LOCALGROUP_USERS_INFO_0(bufptr.getValue());
The "if" condition above prevents a zero sized array.
2 - Add return new Group[0]; at the end of the method. This is to safely return an empty array rather than null. See a complete listing with the solution in place below. I apologise for not following the JDK style, but you can maintain your usual style with the solution added. Thanks.
public static Group[] getUserLocalGroups(String userName, String serverName)
{
PointerByReference bufptr = new PointerByReference();
IntByReference entriesread = new IntByReference();
IntByReference totalentries = new IntByReference();
try
{
int rc = Netapi32.INSTANCE.NetUserGetLocalGroups(serverName, userName, 0, 0, bufptr, LMCons.MAX_PREFERRED_LENGTH, entriesread, totalentries);
if (rc != LMErr.NERR_Success)
{
throw new Win32Exception(rc);
}
if (entriesread.getValue() > 0) <-- Prevents a zero sized array
{
LOCALGROUP_USERS_INFO_0 lgroup = new LOCALGROUP_USERS_INFO_0(bufptr.getValue());
LOCALGROUP_USERS_INFO_0[] lgroups = (LOCALGROUP_USERS_INFO_0[]) lgroup.toArray(entriesread.getValue());
ArrayList<Group> result = new ArrayList<Group>();
for (LOCALGROUP_USERS_INFO_0 lgpi : lgroups)
{
LocalGroup lgp = new LocalGroup();
if (lgpi.lgrui0_name != null)
{
lgp.name = lgpi.lgrui0_name.toString();
}
result.add(lgp);
}
return result.toArray(new Group[0]);
}
}
finally
{
if (bufptr.getValue() != Pointer.NULL)
{
int rc = Netapi32.INSTANCE.NetApiBufferFree(bufptr.getValue());
if (rc != LMErr.NERR_Success)
{
throw new Win32Exception(rc);
}
}
}
return new Group[0]; <-- Safely returns an empty array rather than null
}
I realised the getUserLocalGroups method is not the only one that is affected. Below is the list of other methods, I believe also need to be corrected to eliminate the bug.
getLocalGroups(String serverName)
getGlobalGroups(String serverName)
getUsers(String serverName)
getUserGroups(String userName, String serverName)
getDomainTrusts(String serverName)
Let me know how it goes. Thanks.
Provide complete information about the problem
Version of JNA and related jars
JNA version 5.2.0 - jna-5.2.0.jar and jna-platform-5.2.0.jar
Version and vendor of the java virtual machine
java version "1.8.0_181"
Java(TM) SE Runtime Environment (build 1.8.0_181-b13)
Java HotSpot(TM) 64-Bit Server VM (build 25.181-b13, mixed mode)
Operating system
Windows 10
System architecture (CPU type, bitness of the JVM)
Xeon X3430 @ 2,40GHz and 64 bit JVM
Complete description of the problem
The bug was discovered in the getUserLocalGroups method under Netapi32Util.java. When running in Line 369:
LOCALGROUP_USERS_INFO_0[] lgroups = (LOCALGROUP_USERS_INFO_0[]) lgroup.toArray(entriesread.getValue())where entriesread.getValue() has a zero value. In the other word, it essentially sends 0 to Structure#toArray, which it then throws an ArrayIndexOutOfBoundsException exception, because the array size is zero.I try to be as simple as possible. Only 2 lines need to be added.
1 - Add if (entriesread.getValue() > 0) before
LOCALGROUP_USERS_INFO_0 lgroup = new LOCALGROUP_USERS_INFO_0(bufptr.getValue());The "if" condition above prevents a zero sized array.
2 - Add return new Group[0]; at the end of the method. This is to safely return an empty array rather than null. See a complete listing with the solution in place below. I apologise for not following the JDK style, but you can maintain your usual style with the solution added. Thanks.
I realised the getUserLocalGroups method is not the only one that is affected. Below is the list of other methods, I believe also need to be corrected to eliminate the bug.
getLocalGroups(String serverName)
getGlobalGroups(String serverName)
getUsers(String serverName)
getUserGroups(String userName, String serverName)
getDomainTrusts(String serverName)
Let me know how it goes. Thanks.