Index: user/win32/groupinfo.c
===================================================================
--- user/win32/groupinfo.c	(revision 371132)
+++ user/win32/groupinfo.c	(working copy)
@@ -76,6 +76,8 @@
     DWORD cbname = sizeof(name), cbdomain = sizeof(domain);
     if (!groupid)
         return APR_EINVAL;
+    if (!IsValidSid(groupid))
+        return APR_EINVAL;
     if (!LookupAccountSid(NULL, groupid, name, &cbname, domain, &cbdomain, &type))
         return apr_get_os_error();
     if (type != SidTypeGroup && type != SidTypeWellKnownGroup 
Index: user/win32/userinfo.c
===================================================================
--- user/win32/userinfo.c	(revision 371132)
+++ user/win32/userinfo.c	(working copy)
@@ -255,6 +255,8 @@
     DWORD cbname = sizeof(name), cbdomain = sizeof(domain);
     if (!userid)
         return APR_EINVAL;
+    if (!IsValidSid(userid))
+        return APR_EINVAL;
     if (!LookupAccountSid(NULL, userid, name, &cbname, domain, &cbdomain, &type))
         return apr_get_os_error();
     if (type != SidTypeUser && type != SidTypeAlias && type != SidTypeWellKnownGroup)