malloc() to talloc(). Previously, creating an ACL containing zero ACEs
would return a non-NULL pointer to zero bytes of memory. The talloc() code
would return a NULL pointer making the ACL a NULL ACL instead of an empty
one. The difference is a NULL ACL allows all access and an empty ACL
denies all access.
We solve this by calling talloc(ctx, sizeof(SEC_ACE) * num_aces + 1).
Heh.
(This used to be commit
89eaaafe7d266788609fab6951fd912c441b3a26)
dst->num_aces = num_aces;
dst->size = 8;
- if((dst->ace = (SEC_ACE *)talloc(ctx, sizeof(SEC_ACE) * num_aces )) == NULL) {
+ /* Now we need to return a non-NULL address for the ace list even
+ if the number of aces required is zero. This is because there
+ is a distinct difference between a NULL ace and an ace with zero
+ entries in it. This is achieved by always making the number of
+ bytes allocated by talloc() positive. Heh. */
+
+ if((dst->ace = (SEC_ACE *)talloc(ctx, sizeof(SEC_ACE) * num_aces + 1))
+ == NULL) {
return NULL;
}
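Review bot: The size expression `sizeof(SEC_ACE) * num_aces + 1` in the new talloc() call is evaluated with no upper bound on num_aces visible in this hunk, so if the caller can pass a large count the multiplication can wrap and the allocation ends up smaller than the num_aces entries already recorded in `dst->num_aces` two lines above. Suggest rejecting counts above a limit such as `SIZE_MAX / sizeof(SEC_ACE)` before allocating. Separately, the new comment says "a NULL ace and an ace with zero entries", while the commit message describes a NULL ACL versus an empty ACL. The comment should name the ACL (or "ace list") and state that NULL means allow-all and empty means deny-all, because that is the reason the extra byte exists and a later cleanup could otherwise remove the `+ 1` as a stray off-by-one.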