=================================
Release Notes for Samba 3.0.23rc3
- Jun 19, 2006
+ Jun XX, 2006
=================================
This is the third release candidate of the 3.0.23 code base and is
* BUG 3843: Allow to set passwords directly when creating users
via "net rpc user add"
* Add "rpc shell" to the usage text for the net command.
+ * Winbindd user aliases lookup fixes for large domains.
o Bjoern Jacke <samba@j3e.de>.
* Fixes for various Coverity defect reports.
+
+o Derrell Lipman <derrell@samba.org>
+ [libsmbclient]
+ * BUG 3814: Only set the DFS capability flag in client requests
+ if the share is a DFS root.
+
+
o Jason Mader <jason@ncac.gwu.edu>
* Compiler warning fixes.
$(TOPFILES) $(BIN_PROGS) $(SBIN_PROGS) $(ROOT_SBIN_PROGS) \
$(MODULES) $(TORTURE_PROGS) $(LIBSMBCLIENT) \
$(LIBSMBSHAREMODES) $(EVERYTHING_PROGS) $(LIBMSRPC) \
- .headers.stamp
+ .headers.stamp */src/*.o */src/*.@PICSUFFIX@
-rm -rf t_dir
# Making this target will just make sure that the prototype files
else
memset(mountpassword, 0, 64);
+ if (mountpassword == NULL) {
+ printf("malloc failed\n");
+ exit(1);
+ }
+
if(filename != NULL) {
file_descript = open(filename, O_RDONLY);
if(file_descript < 0) {
{
char *message = debug_list_class_names_and_levels();
+ if (!message) {
+ DEBUG(0,("debuglevel_message - debug_list_class_names_and_levels returned NULL\n"));
+ return;
+ }
+
DEBUG(1,("INFO: Received REQ_DEBUGLEVEL message from PID %u\n",
(unsigned int)procid_to_pid(&src)));
message_send_pid(src, MSG_DEBUGLEVEL, message, strlen(message) + 1, True);
void *buf, size_t len)
{
const char *msg = buf ? buf : "none";
+
DEBUG(1,("INFO: Received PING message from PID %s [%s]\n",
procid_str_static(&src), msg));
message_send_pid(src, MSG_PONG, buf, len, True);
char *ptr;
struct message_rec prec;
+ /* NULL pointer means implicit length zero. */
+ if (!buf) {
+ SMB_ASSERT(len == 0);
+ }
+
/*
* Doing kill with a non-positive pid causes messages to be
* sent to places we don't want.
rec.msg_type = msg_type;
rec.dest = pid;
rec.src = procid_self();
- rec.len = len;
+ rec.len = buf ? len : 0;
kbuf = message_key_pid(pid);
return False;
memcpy(dbuf.dptr, &rec, sizeof(rec));
- if (len > 0)
+ if (len > 0 && buf)
memcpy((void *)((char*)dbuf.dptr+sizeof(rec)), buf, len);
dbuf.dsize = len + sizeof(rec);
TDB_CONTEXT *tdb = get_account_pol_tdb();
PRIV_SID_LIST priv;
+ if (!tdb) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
ZERO_STRUCT(priv);
se_priv_copy( &priv.privilege, &se_priv_none );
{
void *result;
- if (ptr == NULL)
- return NULL;
-
result = talloc_check_name(ptr, name);
if (result != NULL)
return result;
return;
}
+void add_rid_to_array_unique(TALLOC_CTX *mem_ctx,
+ uint32 rid, uint32 **pp_rids, size_t *p_num)
+{
+ size_t i;
+
+ for (i=0; i<*p_num; i++) {
+ if ((*pp_rids)[i] == rid)
+ return;
+ }
+
+ *pp_rids = TALLOC_REALLOC_ARRAY(mem_ctx, *pp_rids, uint32, *p_num+1);
+
+ if (*pp_rids == NULL)
+ return;
+
+ (*pp_rids)[*p_num] = rid;
+ *p_num += 1;
+}
+
BOOL is_null_sid(const DOM_SID *sid)
{
static const DOM_SID null_sid = {0};
SMB_BIG_UINT val = -1;
const char *p = nptr;
- while (p && *p && isspace(*p))
+ if (!p) {
+ *entptr = p;
+ return val;
+ }
+
+ while (*p && isspace(*p))
p++;
+
#ifdef LARGE_SMB_OFF_T
sscanf(p,"%llu",&val);
#else /* LARGE_SMB_OFF_T */
sscanf(p,"%lu",&val);
#endif /* LARGE_SMB_OFF_T */
if (entptr) {
- while (p && *p && isdigit(*p))
+ while (*p && isdigit(*p))
p++;
*entptr = p;
}
fullpath[consumed/2] = '\0';
dos_clean_name( fullpath );
- ppath = strchr_m( fullpath, '\\' );
- ppath = strchr_m( ppath+1, '\\' );
- ppath = strchr_m( ppath+1, '\\' );
+ if ((ppath = strchr_m( fullpath, '\\' )) == NULL)
+ return False;
+ if ((ppath = strchr_m( ppath+1, '\\' )) == NULL)
+ return False;
+ if ((ppath = strchr_m( ppath+1, '\\' )) == NULL)
+ return False;
ppath++;
pstr_sprintf( newmount, "%s\\%s", mountpt, ppath );
flags2 = FLAGS2_LONG_PATH_COMPONENTS;
if (cli->capabilities & CAP_UNICODE)
flags2 |= FLAGS2_UNICODE_STRINGS;
- if (cli->capabilities & CAP_DFS)
+ if ((cli->capabilities & CAP_DFS) && cli->dfsroot)
flags2 |= FLAGS2_DFS_PATHNAMES;
if (cli->capabilities & CAP_STATUS32)
flags2 |= FLAGS2_32_BIT_ERROR_CODES;
int flags)
{
SMBCFILE * file = find_fd(fd);
+ if (file == NULL) {
+ errno = EBADF;
+ return -1;
+ }
return statcont->setxattr(statcont, file->fname,
name, value, size, flags);
}
size_t size)
{
SMBCFILE * file = find_fd(fd);
+ if (file == NULL) {
+ errno = EBADF;
+ return -1;
+ }
return statcont->getxattr(statcont, file->fname, name, value, size);
}
const char *name)
{
SMBCFILE * file = find_fd(fd);
+ if (file == NULL) {
+ errno = EBADF;
+ return -1;
+ }
return statcont->removexattr(statcont, file->fname, name);
}
size_t size)
{
SMBCFILE * file = find_fd(fd);
+ if (file == NULL) {
+ errno = EBADF;
+ return -1;
+ }
return statcont->listxattr(statcont, file->fname, list, size);
}
return True;
}
- aces = SMB_CALLOC_ARRAY(SEC_ACE, 1+(*the_acl)->num_aces);
+ if ((aces = SMB_CALLOC_ARRAY(SEC_ACE, 1+(*the_acl)->num_aces)) == NULL) {
+ return False;
+ }
memcpy(aces, (*the_acl)->ace, (*the_acl)->num_aces * sizeof(SEC_ACE));
memcpy(aces+(*the_acl)->num_aces, ace, sizeof(SEC_ACE));
newacl = make_sec_acl(ctx, (*the_acl)->revision,
/* Create a random machine account password */
str = generate_random_str(DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH);
- new_trust_passwd = talloc_strdup(mem_ctx, str);
+
+ if ((new_trust_passwd = talloc_strdup(mem_ctx, str)) == NULL) {
+ DEBUG(0, ("talloc_strdup failed\n"));
+ return NT_STATUS_NO_MEMORY;
+ }
E_md4hash(new_trust_passwd, new_trust_passwd_hash);
type = SID_NAME_UNKNOWN;
if (string_to_sid(&sid, name)) {
- fstring user, domain;
+ const char *user, *domain;
/* We have to find the type, look up the SID */
- lookup_sid(&sid, domain, user, &type);
+ lookup_sid(tmp_talloc_ctx(), &sid,
+ &domain, &user, &type);
}
} else {
- fstring domain, uname;
+ const char *domain, *uname;
char *p;
- p = strchr_m(name, lp_winbind_separator());
+ p = strchr_m(name, *lp_winbind_separator());
if (p != NULL) {
*p = '\\';
}
- if (!lookup_name(name, LOOKUP_NAME_FULL,
- domain, uname, &sid, &type)) {
+ if (!lookup_name(tmp_talloc_ctx(), name, LOOKUP_NAME_ALL,
+ &domain, &uname, &sid, &type)) {
DEBUG(10, ("Could not find AFS user %s\n", name));
sid_copy(&sid, &global_sid_NULL);
for (i = 0; i < dacl->num_aces; i++) {
SEC_ACE *ace = &(dacl->ace[i]);
- fstring dom_name;
- fstring name;
+ const char *dom_name, *name;
enum SID_NAME_USE name_type;
char *p;
if (sid_compare(&ace->trustee,
&global_sid_Builtin_Administrators) == 0) {
- fstrcpy(name, "system:administrators");
+ name = "system:administrators";
} else if (sid_compare(&ace->trustee,
&global_sid_World) == 0) {
- fstrcpy(name, "system:anyuser");
+ name = "system:anyuser";
} else if (sid_compare(&ace->trustee,
&global_sid_Authenticated_Users) == 0) {
- fstrcpy(name, "system:authuser");
+ name = "system:authuser";
} else if (sid_compare(&ace->trustee,
&global_sid_Builtin_Backup_Operators)
== 0) {
- fstrcpy(name, "system:backup");
+ name = "system:backup";
} else {
- if (!lookup_sid(&ace->trustee,
- dom_name, name, &name_type)) {
+ if (!lookup_sid(tmp_talloc_ctx(), &ace->trustee,
+ &dom_name, &name, &name_type)) {
DEBUG(1, ("AFSACL: Could not lookup SID %s on file %s\n",
sid_string_static(&ace->trustee), filename));
continue;
if ( (name_type == SID_NAME_USER) ||
(name_type == SID_NAME_DOM_GRP) ||
- (name_type == SID_NAME_ALIAS) ) {
- fstring only_username;
- fstrcpy(only_username, name);
- fstr_sprintf(name, "%s%s%s",
- dom_name, lp_winbind_separator(),
- only_username);
- strlower_m(name);
+ (name_type == SID_NAME_ALIAS) ) {
+ char *tmp;
+ tmp = talloc_asprintf(tmp_talloc_ctx(), "%s%s%s",
+ dom_name, lp_winbind_separator(),
+ name);
+ if (tmp == NULL) {
+ return False;
+ }
+ strlower_m(tmp);
+ name = tmp;
}
if (sidpts) {
/* Expect all users/groups in pts as SIDs */
- sid_to_string(name, &ace->trustee);
+ name = talloc_strdup(
+ tmp_talloc_ctx(),
+ sid_string_static(&ace->trustee));
+ if (name == NULL) {
+ return False;
+ }
}
}
const char *service,
const char *user)
{
- char *spc;
+ const char *spc;
spc = lp_parm_const_string(SNUM(handle->conn), "afsacl", "space", "%");
members = NULL;
num_members = 0;
- attrs = TALLOC_ARRAY(mem_ctx, const char *, 3);
+ if ((attrs = TALLOC_ARRAY(mem_ctx, const char *, 3)) == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+
attrs[1] = talloc_strdup(mem_ctx, "usnChanged");
attrs[2] = NULL;
{
char *sid_string;
sid_string = centry_string(centry, mem_ctx);
- if (!string_to_sid(sid, sid_string)) {
+ if ((sid_string == NULL) || (!string_to_sid(sid, sid_string))) {
return False;
}
return True;
if (!wcache->tdb) {
DEBUG(0,("Failed to open winbindd_cache.tdb!\n"));
+ return;
}
tdb_traverse(wcache->tdb, traverse_fn_cleanup, NULL);
if ((num_dcnames == 0) || (num_dcnames != num_addrs))
return False;
+ if ((addrs == NULL) || (dcnames == NULL))
+ return False;
+
if ( !open_any_socket_out(addrs, num_addrs, 10000, &fd_index, fd) )
{
for (i=0; i<num_dcs; i++) {
/* This is a bit excessive, but the extra data sooner or later will be
talloc'ed */
- extra_data_len = strlen(extra_data);
+ extra_data_len = 0;
+ if (extra_data != NULL) {
+ extra_data_len = strlen(extra_data);
+ }
if (extra_data_len > 0) {
state->response.extra_data.data = SMB_STRDUP(extra_data);
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
POLICY_HND dom_pol;
- DOM_SID2 *sid2;
+ DOM_SID2 *query_sids;
+ uint32 num_query_sids = 0;
int i;
struct rpc_pipe_client *cli;
+ uint32 *alias_rids_query, num_aliases_query;
+ int rangesize = MAX_SAM_ENTRIES_W2K;
+ uint32 total_sids = 0;
+ int num_queries = 1;
*num_aliases = 0;
*alias_rids = NULL;
if (!NT_STATUS_IS_OK(result))
return result;
- sid2 = TALLOC_ARRAY(mem_ctx, DOM_SID2, num_sids);
+ do {
+ /* prepare query */
- if (sid2 == NULL)
- return NT_STATUS_NO_MEMORY;
+ num_query_sids = MIN(num_sids - total_sids, rangesize);
- for (i=0; i<num_sids; i++) {
- sid_copy(&sid2[i].sid, &sids[i]);
- sid2[i].num_auths = sid2[i].sid.num_auths;
- }
+ DEBUG(10,("rpc: lookup_useraliases: entering query %d for %d sids\n",
+ num_queries, num_query_sids));
+
+
+ query_sids = TALLOC_ARRAY(mem_ctx, DOM_SID2, num_query_sids);
+ if (query_sids == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ for (i=0; i<num_query_sids; i++) {
+ sid_copy(&query_sids[i].sid, &sids[total_sids++]);
+ query_sids[i].num_auths = query_sids[i].sid.num_auths;
+ }
+
+ /* do request */
+
+ result = rpccli_samr_query_useraliases(cli, mem_ctx, &dom_pol,
+ num_query_sids, query_sids,
+ &num_aliases_query,
+ &alias_rids_query);
+
+ if (!NT_STATUS_IS_OK(result)) {
+ *num_aliases = 0;
+ *alias_rids = NULL;
+ TALLOC_FREE(query_sids);
+ goto done;
+ }
+
+ /* process output */
+
+ for (i=0; i<num_aliases_query; i++) {
+ size_t na = *num_aliases;
+ add_rid_to_array_unique(mem_ctx, alias_rids_query[i],
+ alias_rids, &na);
+ *num_aliases = na;
+ }
+
+ TALLOC_FREE(query_sids);
+
+ num_queries++;
+
+ } while (total_sids < num_sids);
- result = rpccli_samr_query_useraliases(cli, mem_ctx, &dom_pol,
- num_sids, sid2,
- num_aliases, alias_rids);
+ done:
+ DEBUG(10,("rpc: lookup_useraliases: got %d aliases in %d queries "
+ "(rangesize: %d)\n", *num_aliases, num_queries, rangesize));
return result;
}
if (!login_cache_init())
return NULL;
+ if (pdb_get_nt_username(sampass) == NULL) {
+ return NULL;
+ }
+
keybuf.dptr = SMB_STRDUP(pdb_get_nt_username(sampass));
if (!keybuf.dptr || !strlen(keybuf.dptr)) {
SAFE_FREE(keybuf.dptr);
if (!login_cache_init())
return False;
+ if (pdb_get_nt_username(sampass) == NULL) {
+ return False;
+ }
+
keybuf.dptr = SMB_STRDUP(pdb_get_nt_username(sampass));
if (!keybuf.dptr || !strlen(keybuf.dptr)) {
SAFE_FREE(keybuf.dptr);
if (!login_cache_init())
return False;
+ if (pdb_get_nt_username(sampass) == NULL) {
+ return False;
+ }
+
keybuf.dptr = SMB_STRDUP(pdb_get_nt_username(sampass));
if (!keybuf.dptr || !strlen(keybuf.dptr)) {
SAFE_FREE(keybuf.dptr);
BOOL pdb_set_acct_ctrl(struct samu *sampass, uint32 acct_ctrl, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
sampass->acct_ctrl = acct_ctrl;
-
return pdb_set_init_flags(sampass, PDB_ACCTCTRL, flag);
}
BOOL pdb_set_logon_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
sampass->logon_time = mytime;
-
return pdb_set_init_flags(sampass, PDB_LOGONTIME, flag);
}
BOOL pdb_set_logoff_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
sampass->logoff_time = mytime;
-
return pdb_set_init_flags(sampass, PDB_LOGOFFTIME, flag);
}
BOOL pdb_set_kickoff_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
sampass->kickoff_time = mytime;
-
return pdb_set_init_flags(sampass, PDB_KICKOFFTIME, flag);
}
BOOL pdb_set_bad_password_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
sampass->bad_password_time = mytime;
-
return pdb_set_init_flags(sampass, PDB_BAD_PASSWORD_TIME, flag);
}
BOOL pdb_set_pass_can_change_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
sampass->pass_can_change_time = mytime;
-
return pdb_set_init_flags(sampass, PDB_CANCHANGETIME, flag);
}
BOOL pdb_set_pass_must_change_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
sampass->pass_must_change_time = mytime;
-
return pdb_set_init_flags(sampass, PDB_MUSTCHANGETIME, flag);
}
BOOL pdb_set_pass_last_set_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
sampass->pass_last_set_time = mytime;
-
return pdb_set_init_flags(sampass, PDB_PASSLASTSET, flag);
}
BOOL pdb_set_hours_len(struct samu *sampass, uint32 len, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
sampass->hours_len = len;
-
return pdb_set_init_flags(sampass, PDB_HOURSLEN, flag);
}
BOOL pdb_set_logon_divs(struct samu *sampass, uint16 hours, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
sampass->logon_divs = hours;
-
return pdb_set_init_flags(sampass, PDB_LOGONDIVS, flag);
}
BOOL pdb_set_init_flags(struct samu *sampass, enum pdb_elements element, enum pdb_value_state value_flag)
{
- if (!sampass || !sampass)
- return False;
-
if (!sampass->set_flags) {
if ((sampass->set_flags =
bitmap_talloc(sampass,
BOOL pdb_set_user_sid(struct samu *sampass, const DOM_SID *u_sid, enum pdb_value_state flag)
{
- if (!sampass || !u_sid)
+ if (!u_sid)
return False;
sid_copy(&sampass->user_sid, u_sid);
{
DOM_SID new_sid;
- if (!sampass || !u_sid)
+ if (!u_sid)
return False;
DEBUG(10, ("pdb_set_user_sid_from_string: setting user sid %s\n",
{
gid_t gid;
- if (!sampass || !g_sid)
+ if (!g_sid)
return False;
if ( !(sampass->group_sid = TALLOC_P( sampass, DOM_SID )) ) {
BOOL pdb_set_username(struct samu *sampass, const char *username, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
if (username) {
DEBUG(10, ("pdb_set_username: setting username %s, was %s\n", username,
(sampass->username)?(sampass->username):"NULL"));
DEBUG(0, ("pdb_set_username: talloc_strdup() failed!\n"));
return False;
}
-
} else {
sampass->username = PDB_NOT_QUITE_NULL;
}
BOOL pdb_set_domain(struct samu *sampass, const char *domain, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
if (domain) {
DEBUG(10, ("pdb_set_domain: setting domain %s, was %s\n", domain,
(sampass->domain)?(sampass->domain):"NULL"));
DEBUG(0, ("pdb_set_domain: talloc_strdup() failed!\n"));
return False;
}
-
} else {
sampass->domain = PDB_NOT_QUITE_NULL;
}
BOOL pdb_set_nt_username(struct samu *sampass, const char *nt_username, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
if (nt_username) {
DEBUG(10, ("pdb_set_nt_username: setting nt username %s, was %s\n", nt_username,
(sampass->nt_username)?(sampass->nt_username):"NULL"));
DEBUG(0, ("pdb_set_nt_username: talloc_strdup() failed!\n"));
return False;
}
-
} else {
sampass->nt_username = PDB_NOT_QUITE_NULL;
}
BOOL pdb_set_fullname(struct samu *sampass, const char *full_name, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
if (full_name) {
DEBUG(10, ("pdb_set_full_name: setting full name %s, was %s\n", full_name,
(sampass->full_name)?(sampass->full_name):"NULL"));
DEBUG(0, ("pdb_set_fullname: talloc_strdup() failed!\n"));
return False;
}
-
} else {
sampass->full_name = PDB_NOT_QUITE_NULL;
}
BOOL pdb_set_logon_script(struct samu *sampass, const char *logon_script, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
if (logon_script) {
DEBUG(10, ("pdb_set_logon_script: setting logon script %s, was %s\n", logon_script,
(sampass->logon_script)?(sampass->logon_script):"NULL"));
DEBUG(0, ("pdb_set_logon_script: talloc_strdup() failed!\n"));
return False;
}
-
} else {
sampass->logon_script = PDB_NOT_QUITE_NULL;
}
BOOL pdb_set_profile_path(struct samu *sampass, const char *profile_path, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
if (profile_path) {
DEBUG(10, ("pdb_set_profile_path: setting profile path %s, was %s\n", profile_path,
(sampass->profile_path)?(sampass->profile_path):"NULL"));
DEBUG(0, ("pdb_set_profile_path: talloc_strdup() failed!\n"));
return False;
}
-
} else {
sampass->profile_path = PDB_NOT_QUITE_NULL;
}
BOOL pdb_set_dir_drive(struct samu *sampass, const char *dir_drive, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
if (dir_drive) {
DEBUG(10, ("pdb_set_dir_drive: setting dir drive %s, was %s\n", dir_drive,
(sampass->dir_drive)?(sampass->dir_drive):"NULL"));
BOOL pdb_set_homedir(struct samu *sampass, const char *home_dir, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
if (home_dir) {
DEBUG(10, ("pdb_set_homedir: setting home dir %s, was %s\n", home_dir,
(sampass->home_dir)?(sampass->home_dir):"NULL"));
DEBUG(0, ("pdb_set_home_dir: talloc_strdup() failed!\n"));
return False;
}
-
} else {
sampass->home_dir = PDB_NOT_QUITE_NULL;
}
BOOL pdb_set_acct_desc(struct samu *sampass, const char *acct_desc, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
if (acct_desc) {
sampass->acct_desc = talloc_strdup(sampass, acct_desc);
DEBUG(0, ("pdb_set_acct_desc: talloc_strdup() failed!\n"));
return False;
}
-
} else {
sampass->acct_desc = PDB_NOT_QUITE_NULL;
}
BOOL pdb_set_workstations(struct samu *sampass, const char *workstations, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
if (workstations) {
DEBUG(10, ("pdb_set_workstations: setting workstations %s, was %s\n", workstations,
(sampass->workstations)?(sampass->workstations):"NULL"));
DEBUG(0, ("pdb_set_workstations: talloc_strdup() failed!\n"));
return False;
}
-
} else {
sampass->workstations = PDB_NOT_QUITE_NULL;
}
BOOL pdb_set_unknown_str(struct samu *sampass, const char *unknown_str, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
if (unknown_str) {
sampass->unknown_str = talloc_strdup(sampass, unknown_str);
DEBUG(0, ("pdb_set_unknown_str: talloc_strdup() failed!\n"));
return False;
}
-
} else {
sampass->unknown_str = PDB_NOT_QUITE_NULL;
}
BOOL pdb_set_munged_dial(struct samu *sampass, const char *munged_dial, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
if (munged_dial) {
sampass->munged_dial = talloc_strdup(sampass, munged_dial);
DEBUG(0, ("pdb_set_munged_dial: talloc_strdup() failed!\n"));
return False;
}
-
} else {
sampass->munged_dial = PDB_NOT_QUITE_NULL;
}
BOOL pdb_set_nt_passwd(struct samu *sampass, const uint8 pwd[NT_HASH_LEN], enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
data_blob_clear_free(&sampass->nt_pw);
if (pwd) {
BOOL pdb_set_lanman_passwd(struct samu *sampass, const uint8 pwd[LM_HASH_LEN], enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
data_blob_clear_free(&sampass->lm_pw);
/* on keep the password if we are allowing LANMAN authentication */
BOOL pdb_set_pw_history(struct samu *sampass, const uint8 *pwd, uint32 historyLen, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
if (historyLen && pwd){
sampass->nt_pw_his = data_blob_talloc(sampass,
pwd, historyLen*PW_HISTORY_ENTRY_LEN);
BOOL pdb_set_plaintext_pw_only(struct samu *sampass, const char *password, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
if (password) {
if (sampass->plaintext_pw!=NULL)
memset(sampass->plaintext_pw,'\0',strlen(sampass->plaintext_pw)+1);
DEBUG(0, ("pdb_set_unknown_str: talloc_strdup() failed!\n"));
return False;
}
-
} else {
sampass->plaintext_pw = NULL;
}
BOOL pdb_set_bad_password_count(struct samu *sampass, uint16 bad_password_count, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
sampass->bad_password_count = bad_password_count;
-
return pdb_set_init_flags(sampass, PDB_BAD_PASSWORD_COUNT, flag);
}
BOOL pdb_set_logon_count(struct samu *sampass, uint16 logon_count, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
sampass->logon_count = logon_count;
-
return pdb_set_init_flags(sampass, PDB_LOGON_COUNT, flag);
}
BOOL pdb_set_unknown_6(struct samu *sampass, uint32 unkn, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
sampass->unknown_6 = unkn;
-
return pdb_set_init_flags(sampass, PDB_UNKNOWN6, flag);
}
BOOL pdb_set_hours(struct samu *sampass, const uint8 *hours, enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
if (!hours) {
memset ((char *)sampass->hours, 0, MAX_HOURS_LEN);
- return True;
+ } else {
+ memcpy (sampass->hours, hours, MAX_HOURS_LEN);
}
-
- memcpy (sampass->hours, hours, MAX_HOURS_LEN);
return pdb_set_init_flags(sampass, PDB_HOURS, flag);
}
const struct pdb_methods *my_methods,
enum pdb_value_state flag)
{
- if (!sampass)
- return False;
-
if (sampass->backend_private_data &&
sampass->backend_private_data_free_fn) {
sampass->backend_private_data_free_fn(
uint32 expire;
uint32 min_age;
- if (!sampass)
- return False;
-
if (!pdb_set_pass_last_set_time (sampass, time(NULL), PDB_CHANGED))
return False;
uchar new_lanman_p16[LM_HASH_LEN];
uchar new_nt_p16[NT_HASH_LEN];
- if (!sampass || !plaintext)
+ if (!plaintext)
return False;
/* Calculate the MD4 hash (NT compatible) of the password */
unbecome_root(); /* -----> EXIT BECOME_ROOT() */
*name = talloc_strdup(mem_ctx, pdb_get_username(sam_account));
+ if (!*name) {
+ TALLOC_FREE(sam_account);
+ return False;
+ }
+
*psid_name_use = SID_NAME_USER;
TALLOC_FREE(sam_account);
return ldapsam_getgroup(methods, filter, map);
}
-static void add_rid_to_array_unique(TALLOC_CTX *mem_ctx,
- uint32 rid, uint32 **pp_rids, size_t *p_num)
-{
- size_t i;
-
- for (i=0; i<*p_num; i++) {
- if ((*pp_rids)[i] == rid)
- return;
- }
-
- *pp_rids = TALLOC_REALLOC_ARRAY(mem_ctx, *pp_rids, uint32, *p_num+1);
-
- if (*pp_rids == NULL)
- return;
-
- (*pp_rids)[*p_num] = rid;
- *p_num += 1;
-}
-
static BOOL ldapsam_extract_rid_from_entry(LDAP *ldap_struct,
LDAPMessage *entry,
const DOM_SID *domain_sid,
generate a new TDB_DATA key for storing a printer security descriptor
****************************************************************************/
-static char* make_printers_secdesc_tdbkey( const char* sharename )
+static char *make_printers_secdesc_tdbkey( const char* sharename )
{
fstring share;
static pstring keystr;
size_t size_new_sec;
DOM_SID sid;
- if (!data.dptr || data.dsize == 0)
+ if (!data.dptr || data.dsize == 0) {
return 0;
+ }
- if ( strncmp( key.dptr, SECDESC_PREFIX, strlen(SECDESC_PREFIX) ) != 0 )
+ if ( strncmp( key.dptr, SECDESC_PREFIX, strlen(SECDESC_PREFIX) ) != 0 ) {
return 0;
+ }
/* upgrade the security descriptor */
ZERO_STRUCT( ps );
prs_init( &ps, 0, ctx, UNMARSHALL );
- prs_give_memory( &ps, data.dptr, data.dsize, True );
+ prs_give_memory( &ps, data.dptr, data.dsize, False );
if ( !sec_io_desc_buf( "sec_desc_upg_fn", &sd_orig, &ps, 1 ) ) {
/* delete bad entries */
DEBUG(0,("sec_desc_upg_fn: Failed to parse original sec_desc for %si. Deleting....\n", key.dptr ));
tdb_delete( tdb_printers, key );
+ prs_mem_free( &ps );
return 0;
}
+ if (!sd_orig) {
+ prs_mem_free( &ps );
+ return 0;
+ }
sec = sd_orig->sec;
/* is this even valid? */
- if ( !sec->dacl )
+ if ( !sec->dacl ) {
+ prs_mem_free( &ps );
return 0;
+ }
/* update access masks */
new_sec = make_sec_desc( ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE,
&sid, &sid,
NULL, NULL, &size_new_sec );
+ if (!new_sec) {
+ prs_mem_free( &ps );
+ return 0;
+ }
sd_new = make_sec_desc_buf( ctx, size_new_sec, new_sec );
+ if (!sd_new) {
+ prs_mem_free( &ps );
+ return 0;
+ }
if ( !(sd_store = sec_desc_merge( ctx, sd_new, sd_orig )) ) {
DEBUG(0,("sec_desc_upg_fn: Failed to update sec_desc for %s\n", key.dptr ));
+ prs_mem_free( &ps );
return 0;
}
+ prs_mem_free( &ps );
+
/* store it back */
sd_size = sec_desc_size(sd_store->sec) + sizeof(SEC_DESC_BUF);
if ( !sec_io_desc_buf( "sec_desc_upg_fn", &sd_store, &ps, 1 ) ) {
DEBUG(0,("sec_desc_upg_fn: Failed to parse new sec_desc for %s\n", key.dptr ));
+ prs_mem_free( &ps );
return 0;
}
TDB_DATA kbuf, newkey;
short_archi = get_short_archi(architecture);
+ if (!short_archi) {
+ return 0;
+ }
+
slprintf(key, sizeof(key)-1, "%s%s/%d/", DRIVERS_PREFIX, short_archi, version);
for (kbuf = tdb_firstkey(tdb_drivers);
}
/****************************************************************************
-function to do the mapping between the long architecture name and
-the short one.
+ Function to do the mapping between the long architecture name and
+ the short one.
****************************************************************************/
+
const char *get_short_archi(const char *long_archi)
{
int i=-1;
/* this might be client code - but shouldn't this be an fstrcpy etc? */
-
DEBUGADD(108,("index: [%d]\n", i));
DEBUGADD(108,("long architecture: [%s]\n", archi_table[i].long_archi));
DEBUGADD(108,("short architecture: [%s]\n", archi_table[i].short_archi));
}
architecture = get_short_archi(driver->environment);
+ if (!architecture) {
+ return WERR_UNKNOWN_PRINTER_DRIVER;
+ }
/* jfm:7/16/2000 the client always sends the cversion=0.
* The server should check which version the driver is by reading
* NT2K: cversion=3
*/
if ((driver->cversion = get_correct_cversion( architecture, driver->driverpath, user, &err)) == -1)
- return err;
+ return err;
return WERR_OK;
}
}
architecture = get_short_archi(driver->environment);
+ if (!architecture) {
+ return WERR_UNKNOWN_PRINTER_DRIVER;
+ }
/* jfm:7/16/2000 the client always sends the cversion=0.
* The server should check which version the driver is by reading
}
architecture = get_short_archi(driver->environment);
+ if (!architecture) {
+ return WERR_UNKNOWN_PRINTER_DRIVER;
+ }
/*
* Connect to the print$ share under the same account as the user connected to the rpc pipe.
TDB_DATA kbuf, dbuf;
architecture = get_short_archi(driver->environment);
+ if (!architecture) {
+ return (uint32)-1;
+ }
/* The names are relative. We store them in the form: \print$\arch\version\driver.xxx
* \\server is added in the rpc server layer.
ZERO_STRUCT(driver);
architecture = get_short_archi(arch);
-
- if ( !architecture )
+ if ( !architecture ) {
return WERR_UNKNOWN_PRINTER_DRIVER;
+ }
/* Windows 4.0 (i.e. win9x) should always use a version of 0 */
if (ADS_ERR_OK(ads_rc) && ads_count_replies(ads, res)) {
prt_dn = ads_get_dn(ads, res);
+ if (!prt_dn) {
+ ads_msgfree(ads, res);
+ return WERR_NOMEM;
+ }
ads_rc = ads_del_dn(ads, prt_dn);
ads_memfree(ads, prt_dn);
}
*/
if (lp_default_devmode(snum)) {
- if ((info->devmode = construct_nt_devicemode(info->printername)) == NULL)
+ if ((info->devmode = construct_nt_devicemode(info->printername)) == NULL) {
goto fail;
- }
- else {
+ }
+ } else {
info->devmode = NULL;
}
- if (!nt_printing_getsec(info, sharename, &info->secdesc_buf))
+ if (!nt_printing_getsec(info, sharename, &info->secdesc_buf)) {
goto fail;
+ }
return WERR_OK;
kbuf = make_printer_tdbkey( sharename );
dbuf = tdb_fetch(tdb_printers, kbuf);
- if (!dbuf.dptr)
+ if (!dbuf.dptr) {
return get_a_printer_2_default(info, servername, sharename);
+ }
len += tdb_unpack(dbuf.dptr+len, dbuf.dsize-len, "dddddddddddfffffPfffff",
&info->attributes,
/* Restore the stripped strings. */
slprintf(info->servername, sizeof(info->servername)-1, "\\\\%s", servername);
- if ( lp_force_printername(snum) )
+ if ( lp_force_printername(snum) ) {
slprintf(printername, sizeof(printername)-1, "\\\\%s\\%s", servername, sharename );
- else
+ } else {
slprintf(printername, sizeof(printername)-1, "\\\\%s\\%s", servername, info->printername);
+ }
fstrcpy(info->printername, printername);
if ( !(info->data = TALLOC_ZERO_P( info, NT_PRINTER_DATA )) ) {
DEBUG(0,("unpack_values: talloc() failed!\n"));
+ SAFE_FREE(dbuf.dptr);
return WERR_NOMEM;
}
len += unpack_values( info->data, dbuf.dptr+len, dbuf.dsize-len );
/* This will get the current RPC talloc context, but we should be
passing this as a parameter... fixme... JRA ! */
- nt_printing_getsec(info, sharename, &info->secdesc_buf);
+ if (!nt_printing_getsec(info, sharename, &info->secdesc_buf)) {
+ SAFE_FREE(dbuf.dptr);
+ return WERR_NOMEM;
+ }
/* Fix for OS/2 drivers. */
- if (get_remote_arch() == RA_OS2)
+ if (get_remote_arch() == RA_OS2) {
map_to_os2_driver(info->drivername);
+ }
SAFE_FREE(dbuf.dptr);
/* delete the tdb data first */
arch = get_short_archi(info_3->environment);
+ if (!arch) {
+ return WERR_UNKNOWN_PRINTER_DRIVER;
+ }
slprintf(key, sizeof(key)-1, "%s%s/%d/%s", DRIVERS_PREFIX,
arch, version, info_3->name);
SEC_DESC *psd = NULL;
size_t size;
- nt_printing_getsec(mem_ctx, sharename, &old_secdesc_ctr);
+ if (!nt_printing_getsec(mem_ctx, sharename, &old_secdesc_ctr)) {
+ status = WERR_NOMEM;
+ goto out;
+ }
/* Pick out correct owner and group sids */
dacl,
&size);
+ if (!psd) {
+ status = WERR_NOMEM;
+ goto out;
+ }
+
new_secdesc_ctr = make_sec_desc_buf(mem_ctx, size, psd);
}
sharename = temp + 1;
}
+ ZERO_STRUCT(ps);
+
/* Fetch security descriptor from tdb */
key = make_printers_secdesc_tdbkey( sharename );
if (tdb_prs_fetch(tdb_printers, key, &ps, ctx)!=0 ||
!sec_io_desc_buf("nt_printing_getsec", secdesc_ctr, &ps, 1)) {
+ prs_mem_free(&ps);
+
DEBUG(4,("using default secdesc for %s\n", sharename));
if (!(*secdesc_ctr = construct_default_printer_sdb(ctx))) {
prs_init(&ps, (uint32)sec_desc_size((*secdesc_ctr)->sec) +
sizeof(SEC_DESC_BUF), ctx, MARSHALL);
- if (sec_io_desc_buf("nt_printing_getsec", secdesc_ctr, &ps, 1))
+ if (sec_io_desc_buf("nt_printing_getsec", secdesc_ctr, &ps, 1)) {
tdb_prs_store(tdb_printers, key, &ps);
+ }
prs_mem_free(&ps);
return True;
}
+ prs_mem_free(&ps);
+
/* If security descriptor is owned by S-1-1-0 and winbindd is up,
this security descriptor has been created when winbindd was
down. Take ownership of security descriptor. */
(*secdesc_ctr)->sec->dacl,
&size);
+ if (!psd) {
+ return False;
+ }
+
new_secdesc_ctr = make_sec_desc_buf(ctx, size, psd);
+ if (!new_secdesc_ctr) {
+ return False;
+ }
/* Swap with other one */
}
}
- prs_mem_free(&ps);
return True;
}
return False;
}
- nt_printing_getsec(mem_ctx, pname, &secdesc);
+ if (!nt_printing_getsec(mem_ctx, pname, &secdesc)) {
+ talloc_destroy(mem_ctx);
+ errno = ENOMEM;
+ return False;
+ }
if (access_type == JOB_ACCESS_ADMINISTER) {
SEC_DESC_BUF *parent_secdesc = secdesc;
secdesc = se_create_child_secdesc(mem_ctx, parent_secdesc->sec, False);
+ if (!secdesc) {
+ talloc_destroy(mem_ctx);
+ errno = ENOMEM;
+ return False;
+ }
+
/* Now this is the bit that really confuses me. The access
type needs to be changed from JOB_ACCESS_ADMINISTER to
PRINTER_ACCESS_ADMINISTER for this to work. Something
(token_contains_name_in_list(uidtoname(user->ut.uid), NULL,
user->nt_user_token,
lp_printer_admin(snum)))) {
+ talloc_destroy(mem_ctx);
return True;
}
talloc_destroy(mem_ctx);
- if (!result)
+ if (!result) {
errno = EACCES;
+ }
return result;
}
/* turn the lpq output into a series of job structures */
qcount = 0;
ZERO_STRUCTP(status);
- if (numlines) {
+ if (numlines && qlines) {
queue = SMB_MALLOC_ARRAY(print_queue_struct, numlines+1);
if (!queue) {
file_lines_free(qlines);
/* Not found. */
if (num_open >= MAX_PRINT_DBS_OPEN) {
/* Try and recycle the last entry. */
- DLIST_PROMOTE(print_db_head, last_entry);
+ if (print_db_head && last_entry) {
+ DLIST_PROMOTE(print_db_head, last_entry);
+ }
for (p = print_db_head; p; p = p->next) {
if (p->ref_count)
memset(p->printer_name, '\0', sizeof(p->printer_name));
break;
}
- if (p) {
+ if (p && print_db_head) {
DLIST_PROMOTE(print_db_head, p);
p = print_db_head;
}
inst->data,
uint8,
inst->NameLength);
+ if (inst->data == NULL) {
+ SAFE_FREE(data.dptr);
+ return False;
+ }
memcpy(inst->data, name, inst->NameLength);
SAFE_FREE(data.dptr);
}
/*********************************************************************
*********************************************************************/
-static void _reg_perfcount_init_data_block(PERF_DATA_BLOCK *block, prs_struct *ps, TDB_CONTEXT *names)
+static BOOL _reg_perfcount_init_data_block(PERF_DATA_BLOCK *block,
+ prs_struct *ps, TDB_CONTEXT *names)
{
wpstring temp;
time_t tm;
rpcstr_push((void *)temp, global_myname(), sizeof(temp), STR_TERMINATE);
block->SystemNameLength = (strlen_w(temp) * 2) + 2;
block->data = TALLOC_ZERO_ARRAY(ps->mem_ctx, uint8, block->SystemNameLength + (8 - (block->SystemNameLength % 8)));
+ if (block->data == NULL) {
+ return False;
+ }
memcpy(block->data, temp, block->SystemNameLength);
block->SystemNameOffset = sizeof(PERF_DATA_BLOCK) - sizeof(block->objects) - sizeof(block->data);
block->HeaderLength = block->SystemNameOffset + block->SystemNameLength;
so that the PERF_OBJECT_TYPE struct comes out 64-bit aligned */
block->HeaderLength += 8 - (block->HeaderLength % 8);
- return;
+ return True;
}
/*********************************************************************
temp,
char,
counter_data->ByteLength- sizeof(counter_data->ByteLength));
+ if (temp == NULL) {
+ return 0;
+ }
memset(temp, 0, counter_data->ByteLength - sizeof(counter_data->ByteLength));
src_addr = (char *)counter_data->data;
for(i = 0; i < object[obj].NumCounters; i++)
counter_data->data,
uint8,
counter_data->ByteLength - sizeof(counter_data->ByteLength) + pad);
+ if (counter_data->data == NULL) {
+ return 0;
+ }
memset(counter_data->data, 0, counter_data->ByteLength - sizeof(counter_data->ByteLength) + pad);
memcpy(counter_data->data, temp, counter_data->ByteLength - sizeof(counter_data->ByteLength));
counter_data->ByteLength += pad;
return 0;
}
- _reg_perfcount_init_data_block(block, ps, names);
+ if (!_reg_perfcount_init_data_block(block, ps, names)) {
+ DEBUG(0, ("_reg_perfcount_init_data_block failed\n"));
+ tdb_close(names);
+ return 0;
+ }
last_counter = reg_perfcount_get_last_counter(base_index);
uint32 data_size = ( (vk->data_size+sizeof(uint32)) & 0xfffffff8 ) + 8;
vk->data = TALLOC_MEMDUP( file->mem_ctx, regval_data_p(value), vk->data_size );
+ if (vk->data == NULL) {
+ return False;
+ }
/* go ahead and store the offset....we'll pick this hbin block back up when
we stream the data */
- data_hbin = find_free_space(file, data_size );
+ if ((data_hbin = find_free_space(file, data_size )) == NULL) {
+ return False;
+ }
vk->data_off = prs_offset( &data_hbin->ps ) + data_hbin->first_hbin_off - HBIN_HDR_SIZE;
}
else {
size = nk_record_data_size( nk );
nk->rec_size = ( size - 1 ) ^ 0XFFFFFFFF;
- nk->hbin = find_free_space( file, size );
+ if ((nk->hbin = find_free_space( file, size )) == NULL) {
+ return NULL;
+ }
nk->hbin_off = prs_offset( &nk->hbin->ps );
/* Update the hash record in the parent */
if ( (nk->sec_desc = find_sk_record_by_sec_desc( file, sec_desc )) == NULL ) {
/* not found so add it to the list */
- sk_hbin = find_free_space( file, sk_size );
+ if (!(sk_hbin = find_free_space( file, sk_size ))) {
+ return NULL;
+ }
if ( !(nk->sec_desc = TALLOC_ZERO_P( file->mem_ctx, REGF_SK_REC )) )
return NULL;
uint32 namelen;
int i;
- nk->subkeys.hbin = find_free_space( file, lf_size );
+ if (!(nk->subkeys.hbin = find_free_space( file, lf_size ))) {
+ return NULL;
+ }
nk->subkeys.hbin_off = prs_offset( &nk->subkeys.hbin->ps );
nk->subkeys.rec_size = (lf_size-1) ^ 0xFFFFFFFF;
nk->subkeys_off = prs_offset( &nk->subkeys.hbin->ps ) + nk->subkeys.hbin->first_hbin_off - HBIN_HDR_SIZE;
uint32 vlist_size = ( ( nk->num_values * sizeof(uint32) ) & 0xfffffff8 ) + 8;
int i;
- vlist_hbin = find_free_space( file, vlist_size );
+ if (!(vlist_hbin = find_free_space( file, vlist_size ))) {
+ return NULL;
+ }
nk->values_off = prs_offset( &vlist_hbin->ps ) + vlist_hbin->first_hbin_off - HBIN_HDR_SIZE;
if ( !(nk->values = TALLOC_ARRAY( file->mem_ctx, REGF_VK_REC, nk->num_values )) )
if (UNMARSHALLING(ps)) {
d_q->auditsettings = TALLOC_ZERO_ARRAY(ps->mem_ctx, uint32, d_q->count2);
+ if (!d_q->auditsettings) {
+ return False;
+ }
}
if (!prs_uint32s(False, "auditsettings", ps, depth, d_q->auditsettings, d_q->count2))
return True;
}
-/*******************************************************************
- Inits a DOM_SID structure.
-
- BIG NOTE: this function only does SIDS where the identauth is not >= 2^32
- identauth >= 2^32 can be detected because it will be specified in hex
-********************************************************************/
-
-void init_dom_sid(DOM_SID *sid, const char *str_sid)
-{
- pstring domsid;
- int identauth;
- char *p;
-
- if (str_sid == NULL) {
- DEBUG(4,("netlogon domain SID: none\n"));
- sid->sid_rev_num = 0;
- sid->num_auths = 0;
- return;
- }
-
- pstrcpy(domsid, str_sid);
-
- DEBUG(4,("init_dom_sid %d SID: %s\n", __LINE__, domsid));
-
- /* assume, but should check, that domsid starts "S-" */
- p = strtok(domsid+2,"-");
- sid->sid_rev_num = atoi(p);
-
- /* identauth in decimal should be < 2^32 */
- /* identauth in hex should be >= 2^32 */
- identauth = atoi(strtok(0,"-"));
-
- DEBUG(4,("netlogon rev %d\n", sid->sid_rev_num));
- DEBUG(4,("netlogon %s ia %d\n", p, identauth));
-
- sid->id_auth[0] = 0;
- sid->id_auth[1] = 0;
- sid->id_auth[2] = (identauth & 0xff000000) >> 24;
- sid->id_auth[3] = (identauth & 0x00ff0000) >> 16;
- sid->id_auth[4] = (identauth & 0x0000ff00) >> 8;
- sid->id_auth[5] = (identauth & 0x000000ff);
-
- sid->num_auths = 0;
-
- while ((p = strtok(0, "-")) != NULL && sid->num_auths < MAXSUBAUTHS)
- sid->sub_auths[sid->num_auths++] = atoi(p);
-
- DEBUG(4,("init_dom_sid: %d SID: %s\n", __LINE__, domsid));
-}
-
/*******************************************************************
Inits a DOM_SID2 structure.
********************************************************************/
q_u->buffer_size = 0x000000a8;
- if ( UNMARSHALLING(ps) )
+ if ( UNMARSHALLING(ps) ) {
q_u->buffer = TALLOC_ARRAY(get_talloc_ctx(), uint8, q_u->buffer_size );
+ if (!q_u->buffer) {
+ return False;
+ }
+ }
if ( !prs_uint8s(True, "buffer", ps, depth, q_u->buffer, q_u->buffer_size) )
return False;
if ( !prs_align(ps) )
return False;
- if ( UNMARSHALLING(ps) )
+ if ( UNMARSHALLING(ps) ) {
r_u->buffer = TALLOC_ARRAY(get_talloc_ctx(), uint8, r_u->buffer_size );
+ if (!r_u->buffer) {
+ return False;
+ }
+ }
if ( !prs_uint8s(True, "buffer", ps, depth, r_u->buffer, r_u->buffer_size) )
return False;
kbuf.dptr = keystr;
kbuf.dsize = strlen(keystr)+1;
+ prs_init(ps, 0, mem_ctx, UNMARSHALL);
+
dbuf = tdb_fetch(tdb, kbuf);
if (!dbuf.dptr)
return -1;
- prs_init(ps, 0, mem_ctx, UNMARSHALL);
prs_give_memory(ps, dbuf.dptr, dbuf.dsize, True);
return 0;
void init_sam_user_info20A(SAM_USER_INFO_20 *usr, struct samu *pw)
{
const char *munged_dial = pdb_get_munged_dial(pw);
- DATA_BLOB blob = base64_decode_data_blob(munged_dial);
-
+ DATA_BLOB blob;
+
+ if (munged_dial) {
+ blob = base64_decode_data_blob(munged_dial);
+ } else {
+ blob = data_blob(NULL, 0);
+ }
+
init_unistr2_from_datablob(&usr->uni_munged_dial, &blob);
init_uni_hdr(&usr->hdr_munged_dial, &usr->uni_munged_dial);
data_blob_free(&blob);
dynamically allocate memory
********************************************************************/
+
static BOOL uniarray_2_dosarray(BUFFER5 *buf5, fstring **ar)
{
fstring f;
return False;
src = (char *)buf5->buffer;
- *ar = NULL;
+ *ar = SMB_MALLOC_ARRAY(fstring, 1);
+ if (!*ar) {
+ return False;
+ }
while (src < ((char *)buf5->buffer) + buf5->buf_len*2) {
rpcstr_pull(f, src, sizeof(f)-1, -1, STR_TERMINATE);
src = skip_unibuf(src, 2*buf5->buf_len - PTR_DIFF(src,buf5->buffer));
*ar = SMB_REALLOC_ARRAY(*ar, fstring, n+2);
- if (!*ar)
+ if (!*ar) {
return False;
+ }
fstrcpy((*ar)[n], f);
n++;
}
+
fstrcpy((*ar)[n], "");
return True;
}
-
-
-
/*******************************************************************
read a UNICODE array with null terminated strings
and null terminated array
DRIVER_INFO_3 *info3)
{
uint32 len = 0;
- uint16 *ptr = info3->dependentfiles;
- BOOL done = False;
- BOOL null_char = False;
SPOOL_PRINTER_DRIVER_INFO_LEVEL_3 *inf;
if (!(inf=TALLOC_ZERO_P(mem_ctx, SPOOL_PRINTER_DRIVER_INFO_LEVEL_3)))
init_unistr2_from_unistr(&inf->monitorname, &info3->monitorname);
init_unistr2_from_unistr(&inf->defaultdatatype, &info3->defaultdatatype);
- while (!done)
- {
- switch (*ptr)
- {
- case 0:
- /* the null_char BOOL is used to help locate
- two '\0's back to back */
- if (null_char)
- done = True;
- else
- null_char = True;
- break;
+ if (info3->dependentfiles) {
+ BOOL done = False;
+ BOOL null_char = False;
+ uint16 *ptr = info3->dependentfiles;
+
+ while (!done) {
+ switch (*ptr) {
+ case 0:
+ /* the null_char BOOL is used to help locate
+ two '\0's back to back */
+ if (null_char) {
+ done = True;
+ } else {
+ null_char = True;
+ }
+ break;
- default:
- null_char = False;
- ;;
- break;
+ default:
+ null_char = False;
+ break;
+ }
+ len++;
+ ptr++;
}
- len++;
- ptr++;
}
+
inf->dependentfiles_ptr = (info3->dependentfiles != NULL) ? 1 : 0;
- inf->dependentfilessize = len;
- if(!make_spoolss_buffer5(mem_ctx, &inf->dependentfiles, len, info3->dependentfiles))
- {
+ inf->dependentfilessize = (info3->dependentfiles != NULL) ? len : 0;
+ if(!make_spoolss_buffer5(mem_ctx, &inf->dependentfiles, len, info3->dependentfiles)) {
SAFE_FREE(inf);
return False;
}
/*******************************************************************
make a BUFFER5 struct from a uint16*
******************************************************************/
+
BOOL make_spoolss_buffer5(TALLOC_CTX *mem_ctx, BUFFER5 *buf5, uint32 len, uint16 *src)
{
buf5->buf_len = len;
- if((buf5->buffer=(uint16*)TALLOC_MEMDUP(mem_ctx, src, sizeof(uint16)*len)) == NULL) {
- DEBUG(0,("make_spoolss_buffer5: Unable to malloc memory for buffer!\n"));
- return False;
+ if (src) {
+ if((buf5->buffer=(uint16*)TALLOC_MEMDUP(mem_ctx, src, sizeof(uint16)*len)) == NULL) {
+ DEBUG(0,("make_spoolss_buffer5: Unable to malloc memory for buffer!\n"));
+ return False;
+ }
+ } else {
+ buf5->buffer=NULL;
}
return True;
int bytes_left, record_number;
uint32 elog_read_type, elog_read_dir;
+ if (info == NULL) {
+ return NT_STATUS_INVALID_HANDLE;
+ }
+
info->flags = q_u->flags;
ps = &p->out_data.rdata;
{
EVENTLOG_INFO *info = find_eventlog_info_by_hnd( p, &q_u->handle );
+ if (info == NULL) {
+ return NT_STATUS_INVALID_HANDLE;
+ }
+
if ( !( get_oldest_entry_hook( info ) ) )
return NT_STATUS_ACCESS_DENIED;
{
EVENTLOG_INFO *info = find_eventlog_info_by_hnd( p, &q_u->handle );
+ if (info == NULL) {
+ return NT_STATUS_INVALID_HANDLE;
+ }
+
if ( !( get_num_records_hook( info ) ) )
return NT_STATUS_ACCESS_DENIED;
rids = TALLOC_ZERO_ARRAY(p->mem_ctx, DOM_RID, num_entries);
rids2 = TALLOC_ZERO_ARRAY(p->mem_ctx, DOM_RID2, num_entries);
+ if ((ref == NULL) || (rids == NULL) || (rids2 == NULL)) {
+ r_u->status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+
if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&handle)) {
r_u->status = NT_STATUS_INVALID_HANDLE;
goto done;
user_sid = pdb_get_user_sid(sampw);
group_sid = pdb_get_group_sid(sampw);
+ if ((user_sid == NULL) || (group_sid == NULL)) {
+ DEBUG(1, ("_net_sam_logon: User without group or user SID\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
sid_copy(&domain_sid, user_sid);
sid_split_rid(&domain_sid, &user_rid);
} else {
/* update the UNIX password */
if (lp_unix_password_sync() ) {
- struct passwd *passwd = Get_Pwnam(pdb_get_username(pwd));
- if (!passwd) {
+ struct passwd *passwd;
+ if (pdb_get_username(pwd) == NULL) {
+ DEBUG(1, ("chgpasswd: User without name???\n"));
+ TALLOC_FREE(pwd);
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ if ((passwd = Get_Pwnam(pdb_get_username(pwd))) == NULL) {
DEBUG(1, ("chgpasswd: Username does not exist in system !?!\n"));
}
} else {
/* update the UNIX password */
if (lp_unix_password_sync()) {
- struct passwd *passwd = Get_Pwnam(pdb_get_username(pwd));
- if (!passwd) {
+ struct passwd *passwd;
+
+ if (pdb_get_username(pwd) == NULL) {
+ DEBUG(1, ("chgpasswd: User without name???\n"));
+ TALLOC_FREE(pwd);
+ return False;
+ }
+
+ if ((passwd = Get_Pwnam(pdb_get_username(pwd))) == NULL) {
DEBUG(1, ("chgpasswd: Username does not exist in system !?!\n"));
}
attr=TALLOC_ZERO_ARRAY(p->mem_ctx, uint32, num_members);
- if ((num_members!=0) && (rid==NULL))
+ if ((num_members!=0) && (attr==NULL))
return NT_STATUS_NO_MEMORY;
for (i=0; i<num_members; i++)
static fstring msgto;
/****************************************************************************
-deliver the message
+ Deliver the message.
****************************************************************************/
+
static void msg_deliver(void)
{
- pstring name;
- int i;
- int fd;
- char *msg;
- int len;
- ssize_t sz;
-
- if (! (*lp_msg_command()))
- {
- DEBUG(1,("no messaging command specified\n"));
- msgpos = 0;
- return;
- }
-
- /* put it in a temporary file */
- slprintf(name,sizeof(name)-1, "%s/msg.XXXXXX",tmpdir());
- fd = smb_mkstemp(name);
-
- if (fd == -1) {
- DEBUG(1,("can't open message file %s\n",name));
- return;
- }
-
- /*
- * Incoming message is in DOS codepage format. Convert to UNIX.
- */
+ pstring name;
+ int i;
+ int fd;
+ char *msg;
+ int len;
+ ssize_t sz;
+
+ if (! (*lp_msg_command())) {
+ DEBUG(1,("no messaging command specified\n"));
+ msgpos = 0;
+ return;
+ }
+
+ /* put it in a temporary file */
+ slprintf(name,sizeof(name)-1, "%s/msg.XXXXXX",tmpdir());
+ fd = smb_mkstemp(name);
+
+ if (fd == -1) {
+ DEBUG(1,("can't open message file %s\n",name));
+ return;
+ }
+
+ /*
+ * Incoming message is in DOS codepage format. Convert to UNIX.
+ */
- if ((len = (int)convert_string_allocate(NULL,CH_DOS, CH_UNIX, msgbuf, msgpos, (void **)(void *)&msg, True)) < 0 || !msg) {
- DEBUG(3,("Conversion failed, delivering message in DOS codepage format\n"));
- for (i = 0; i < msgpos;) {
- if (msgbuf[i] == '\r' && i < (msgpos-1) && msgbuf[i+1] == '\n') {
- i++; continue;
- }
- sz = write(fd, &msgbuf[i++], 1);
- if ( sz != 1 ) {
- DEBUG(0,("Write error to fd %d: %ld(%d)\n",fd, (long)sz, errno ));
- }
- }
- } else {
- for (i = 0; i < len;) {
- if (msg[i] == '\r' && i < (len-1) && msg[i+1] == '\n') {
- i++; continue;
- }
- sz = write(fd, &msg[i++],1);
- if ( sz != 1 ) {
- DEBUG(0,("Write error to fd %d: %ld(%d)\n",fd, (long)sz, errno ));
- }
- }
- SAFE_FREE(msg);
- }
- close(fd);
-
-
- /* run the command */
- if (*lp_msg_command())
- {
- fstring alpha_msgfrom;
- fstring alpha_msgto;
- pstring s;
-
- pstrcpy(s,lp_msg_command());
- pstring_sub(s,"%f",alpha_strcpy(alpha_msgfrom,msgfrom,NULL,sizeof(alpha_msgfrom)));
- pstring_sub(s,"%t",alpha_strcpy(alpha_msgto,msgto,NULL,sizeof(alpha_msgto)));
- standard_sub_basic(current_user_info.smb_name, s, sizeof(s));
- pstring_sub(s,"%s",name);
- smbrun(s,NULL);
- }
-
- msgpos = 0;
+ if ((len = (int)convert_string_allocate(NULL,CH_DOS, CH_UNIX, msgbuf, msgpos, (void **)(void *)&msg, True)) < 0 || !msg) {
+ DEBUG(3,("Conversion failed, delivering message in DOS codepage format\n"));
+ for (i = 0; i < msgpos;) {
+ if (msgbuf[i] == '\r' && i < (msgpos-1) && msgbuf[i+1] == '\n') {
+ i++;
+ continue;
+ }
+ sz = write(fd, &msgbuf[i++], 1);
+ if ( sz != 1 ) {
+ DEBUG(0,("Write error to fd %d: %ld(%d)\n",fd, (long)sz, errno ));
+ }
+ }
+ } else {
+ for (i = 0; i < len;) {
+ if (msg[i] == '\r' && i < (len-1) && msg[i+1] == '\n') {
+ i++;
+ continue;
+ }
+ sz = write(fd, &msg[i++],1);
+ if ( sz != 1 ) {
+ DEBUG(0,("Write error to fd %d: %ld(%d)\n",fd, (long)sz, errno ));
+ }
+ }
+ SAFE_FREE(msg);
+ }
+ close(fd);
+
+ /* run the command */
+ if (*lp_msg_command()) {
+ fstring alpha_msgfrom;
+ fstring alpha_msgto;
+ pstring s;
+
+ pstrcpy(s,lp_msg_command());
+ pstring_sub(s,"%f",alpha_strcpy(alpha_msgfrom,msgfrom,NULL,sizeof(alpha_msgfrom)));
+ pstring_sub(s,"%t",alpha_strcpy(alpha_msgto,msgto,NULL,sizeof(alpha_msgto)));
+ standard_sub_basic(current_user_info.smb_name, s, sizeof(s));
+ pstring_sub(s,"%s",name);
+ smbrun(s,NULL);
+ }
+
+ msgpos = 0;
}
-
-
/****************************************************************************
- reply to a sends
+ Reply to a sends.
+ conn POINTER CAN BE NULL HERE !
****************************************************************************/
-int reply_sends(connection_struct *conn,
- char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
+
+int reply_sends(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
{
- int len;
- char *msg;
- int outsize = 0;
- char *p;
+ int len;
+ char *msg;
+ int outsize = 0;
+ char *p;
- START_PROFILE(SMBsends);
+ START_PROFILE(SMBsends);
- msgpos = 0;
+ msgpos = 0;
- if (! (*lp_msg_command())) {
- END_PROFILE(SMBsends);
- return(ERROR_DOS(ERRSRV,ERRmsgoff));
- }
+ if (! (*lp_msg_command())) {
+ END_PROFILE(SMBsends);
+ return(ERROR_DOS(ERRSRV,ERRmsgoff));
+ }
- outsize = set_message(outbuf,0,0,True);
+ outsize = set_message(outbuf,0,0,True);
- p = smb_buf(inbuf)+1;
- p += srvstr_pull_buf(inbuf, msgfrom, p, sizeof(msgfrom), STR_ASCII|STR_TERMINATE) + 1;
- p += srvstr_pull_buf(inbuf, msgto, p, sizeof(msgto), STR_ASCII|STR_TERMINATE) + 1;
+ p = smb_buf(inbuf)+1;
+ p += srvstr_pull_buf(inbuf, msgfrom, p, sizeof(msgfrom), STR_ASCII|STR_TERMINATE) + 1;
+ p += srvstr_pull_buf(inbuf, msgto, p, sizeof(msgto), STR_ASCII|STR_TERMINATE) + 1;
- msg = p;
+ msg = p;
- len = SVAL(msg,0);
- len = MIN(len,sizeof(msgbuf)-msgpos);
+ len = SVAL(msg,0);
+ len = MIN(len,sizeof(msgbuf)-msgpos);
- memset(msgbuf,'\0',sizeof(msgbuf));
+ memset(msgbuf,'\0',sizeof(msgbuf));
- memcpy(&msgbuf[msgpos],msg+2,len);
- msgpos += len;
+ memcpy(&msgbuf[msgpos],msg+2,len);
+ msgpos += len;
- msg_deliver();
+ msg_deliver();
- END_PROFILE(SMBsends);
- return(outsize);
+ END_PROFILE(SMBsends);
+ return(outsize);
}
-
/****************************************************************************
- reply to a sendstrt
+ Reply to a sendstrt.
+ conn POINTER CAN BE NULL HERE !
****************************************************************************/
-int reply_sendstrt(connection_struct *conn,
- char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
+
+int reply_sendstrt(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
{
- int outsize = 0;
- char *p;
+ int outsize = 0;
+ char *p;
- START_PROFILE(SMBsendstrt);
+ START_PROFILE(SMBsendstrt);
- if (! (*lp_msg_command())) {
- END_PROFILE(SMBsendstrt);
- return(ERROR_DOS(ERRSRV,ERRmsgoff));
- }
+ if (! (*lp_msg_command())) {
+ END_PROFILE(SMBsendstrt);
+ return(ERROR_DOS(ERRSRV,ERRmsgoff));
+ }
- outsize = set_message(outbuf,1,0,True);
+ outsize = set_message(outbuf,1,0,True);
- memset(msgbuf,'\0',sizeof(msgbuf));
- msgpos = 0;
+ memset(msgbuf,'\0',sizeof(msgbuf));
+ msgpos = 0;
- p = smb_buf(inbuf)+1;
- p += srvstr_pull_buf(inbuf, msgfrom, p, sizeof(msgfrom), STR_ASCII|STR_TERMINATE) + 1;
- p += srvstr_pull_buf(inbuf, msgto, p, sizeof(msgto), STR_ASCII|STR_TERMINATE) + 1;
+ p = smb_buf(inbuf)+1;
+ p += srvstr_pull_buf(inbuf, msgfrom, p, sizeof(msgfrom), STR_ASCII|STR_TERMINATE) + 1;
+ p += srvstr_pull_buf(inbuf, msgto, p, sizeof(msgto), STR_ASCII|STR_TERMINATE) + 1;
- DEBUG( 3, ( "SMBsendstrt (from %s to %s)\n", msgfrom, msgto ) );
+ DEBUG( 3, ( "SMBsendstrt (from %s to %s)\n", msgfrom, msgto ) );
- END_PROFILE(SMBsendstrt);
- return(outsize);
+ END_PROFILE(SMBsendstrt);
+ return(outsize);
}
-
/****************************************************************************
- reply to a sendtxt
+ Reply to a sendtxt.
+ conn POINTER CAN BE NULL HERE !
****************************************************************************/
-int reply_sendtxt(connection_struct *conn,
- char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
+
+int reply_sendtxt(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
{
- int len;
- int outsize = 0;
- char *msg;
- START_PROFILE(SMBsendtxt);
+ int len;
+ int outsize = 0;
+ char *msg;
+ START_PROFILE(SMBsendtxt);
- if (! (*lp_msg_command())) {
- END_PROFILE(SMBsendtxt);
- return(ERROR_DOS(ERRSRV,ERRmsgoff));
- }
+ if (! (*lp_msg_command())) {
+ END_PROFILE(SMBsendtxt);
+ return(ERROR_DOS(ERRSRV,ERRmsgoff));
+ }
- outsize = set_message(outbuf,0,0,True);
+ outsize = set_message(outbuf,0,0,True);
- msg = smb_buf(inbuf) + 1;
+ msg = smb_buf(inbuf) + 1;
- len = SVAL(msg,0);
- len = MIN(len,sizeof(msgbuf)-msgpos);
+ len = SVAL(msg,0);
+ len = MIN(len,sizeof(msgbuf)-msgpos);
- memcpy(&msgbuf[msgpos],msg+2,len);
- msgpos += len;
+ memcpy(&msgbuf[msgpos],msg+2,len);
+ msgpos += len;
- DEBUG( 3, ( "SMBsendtxt\n" ) );
+ DEBUG( 3, ( "SMBsendtxt\n" ) );
- END_PROFILE(SMBsendtxt);
- return(outsize);
+ END_PROFILE(SMBsendtxt);
+ return(outsize);
}
-
/****************************************************************************
- reply to a sendend
+ Reply to a sendend.
+ conn POINTER CAN BE NULL HERE !
****************************************************************************/
-int reply_sendend(connection_struct *conn,
- char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
+
+int reply_sendend(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
{
- int outsize = 0;
- START_PROFILE(SMBsendend);
+ int outsize = 0;
+ START_PROFILE(SMBsendend);
- if (! (*lp_msg_command())) {
- END_PROFILE(SMBsendend);
- return(ERROR_DOS(ERRSRV,ERRmsgoff));
- }
+ if (! (*lp_msg_command())) {
+ END_PROFILE(SMBsendend);
+ return(ERROR_DOS(ERRSRV,ERRmsgoff));
+ }
- outsize = set_message(outbuf,0,0,True);
+ outsize = set_message(outbuf,0,0,True);
- DEBUG(3,("SMBsendend\n"));
+ DEBUG(3,("SMBsendend\n"));
- msg_deliver();
+ msg_deliver();
- END_PROFILE(SMBsendend);
- return(outsize);
+ END_PROFILE(SMBsendend);
+ return(outsize);
}
/****************************************************************************
Reply to a negprot.
+ conn POINTER CAN BE NULL HERE !
****************************************************************************/
int reply_negprot(connection_struct *conn,
/****************************************************************************
Reply to a NT CANCEL request.
+ conn POINTER CAN BE NULL HERE !
****************************************************************************/
int reply_ntcancel(connection_struct *conn,
force write permissions on print services.
*/
#define AS_USER (1<<0)
-#define NEED_WRITE (1<<1)
+#define NEED_WRITE (1<<1) /* Must be paired with AS_USER */
#define TIME_INIT (1<<2)
-#define CAN_IPC (1<<3)
-#define AS_GUEST (1<<5)
+#define CAN_IPC (1<<3) /* Must be paired with AS_USER */
+#define AS_GUEST (1<<5) /* Must *NOT* be paired with AS_USER */
#define DO_CHDIR (1<<6)
/*
user_struct *vuser = NULL;
last_session_tag = session_tag;
- if(session_tag != UID_FIELD_INVALID)
+ if(session_tag != UID_FIELD_INVALID) {
vuser = get_valid_user_struct(session_tag);
- if(vuser != NULL)
- set_current_user_info(&vuser->user);
- }
-
- /* does this protocol need to be run as root? */
- if (!(flags & AS_USER))
- change_to_root_user();
-
- /* does this protocol need a valid tree connection? */
- if ((flags & AS_USER) && !conn) {
- /* Amazingly, the error code depends on the command (from Samba4). */
- if (type == SMBntcreateX) {
- return ERROR_NT(NT_STATUS_INVALID_HANDLE);
- } else {
- return ERROR_DOS(ERRSRV, ERRinvnid);
+ if (vuser) {
+ set_current_user_info(&vuser->user);
+ }
}
}
+ /* Does this call need to be run as the connected user? */
+ if (flags & AS_USER) {
+
+ /* Does this call need a valid tree connection? */
+ if (!conn) {
+ /* Amazingly, the error code depends on the command (from Samba4). */
+ if (type == SMBntcreateX) {
+ return ERROR_NT(NT_STATUS_INVALID_HANDLE);
+ } else {
+ return ERROR_DOS(ERRSRV, ERRinvnid);
+ }
+ }
- /* does this protocol need to be run as the connected user? */
- if ((flags & AS_USER) && !change_to_user(conn,session_tag)) {
- if (flags & AS_GUEST)
- flags &= ~AS_USER;
- else
+ if (!change_to_user(conn,session_tag)) {
return(ERROR_FORCE_DOS(ERRSRV,ERRbaduid));
- }
+ }
- /* this code is to work around a bug is MS client 3 without
- introducing a security hole - it needs to be able to do
- print queue checks as guest if it isn't logged in properly */
- if (flags & AS_USER)
- flags &= ~AS_GUEST;
+ /* All NEED_WRITE and CAN_IPC flags must also have AS_USER. */
- /* does it need write permission? */
- if ((flags & NEED_WRITE) && !CAN_WRITE(conn))
- return(ERROR_DOS(ERRSRV,ERRaccess));
+ /* Does it need write permission? */
+ if ((flags & NEED_WRITE) && !CAN_WRITE(conn)) {
+ return(ERROR_DOS(ERRSRV,ERRaccess));
+ }
- /* ipc services are limited */
- if (IS_IPC(conn) && (flags & AS_USER) && !(flags & CAN_IPC))
- return(ERROR_DOS(ERRSRV,ERRaccess));
+ /* IPC services are limited */
+ if (IS_IPC(conn) && !(flags & CAN_IPC)) {
+ return(ERROR_DOS(ERRSRV,ERRaccess));
+ }
+ } else {
+ /* This call needs to be run as root */
+ change_to_root_user();
+ }
/* load service specific parameters */
if (conn) {
/* does this protocol need to be run as guest? */
if ((flags & AS_GUEST) && (!change_to_guest() ||
- !check_access(smbd_server_fd(), lp_hostsallow(-1), lp_hostsdeny(-1))))
+ !check_access(smbd_server_fd(), lp_hostsallow(-1), lp_hostsdeny(-1)))) {
return(ERROR_DOS(ERRSRV,ERRaccess));
+ }
current_inbuf = inbuf; /* In case we need to defer this message in open... */
outsize = smb_messages[type].fn(conn, inbuf,outbuf,size,bufsize);
return(outsize);
}
-
/****************************************************************************
Construct a reply to the incoming packet.
****************************************************************************/
/****************************************************************************
Reply to a tcon.
+ conn POINTER CAN BE NULL HERE !
****************************************************************************/
int reply_tcon(connection_struct *conn,
/****************************************************************************
Reply to a tcon and X.
+ conn POINTER CAN BE NULL HERE !
****************************************************************************/
int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
/****************************************************************************
Reply to an ioctl.
+ conn POINTER CAN BE NULL HERE !
****************************************************************************/
int reply_ioctl(connection_struct *conn,
/****************************************************************************
Reply to a SMBulogoffX.
+ conn POINTER CAN BE NULL HERE !
****************************************************************************/
int reply_ulogoffX(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
/****************************************************************************
Reply to a exit.
+ conn POINTER CAN BE NULL HERE !
****************************************************************************/
int reply_exit(connection_struct *conn,
/****************************************************************************
Reply to a tdis.
+ conn POINTER CAN BE NULL HERE !
****************************************************************************/
int reply_tdis(connection_struct *conn,
/****************************************************************************
Reply to a echo.
+ conn POINTER CAN BE NULL HERE !
****************************************************************************/
int reply_echo(connection_struct *conn,
/****************************************************************************
Reply to a session setup command.
+ conn POINTER CAN BE NULL HERE !
****************************************************************************/
static int reply_sesssetup_and_X_spnego(connection_struct *conn, char *inbuf,
goto done;
}
- names = TALLOC_ARRAY(mem_ctx, const char *, num_names);
+ if ((names = TALLOC_ARRAY(mem_ctx, const char *, num_names)) == NULL) {
+ result = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
names[0] = old_name;
result = rpccli_samr_lookup_names(pipe_hnd, mem_ctx, &domain_pol,
flags, num_names, names,
/* Look up rids */
if (num_rids) {
- rids = TALLOC_ARRAY(mem_ctx, uint32, num_rids);
+ if ((rids = TALLOC_ARRAY(mem_ctx, uint32, num_rids)) == NULL) {
+ result = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
for (i = 0; i < num_rids; i++)
rids[i] = user_gids[i].g_rid;
const char **argv)
{
WERROR result;
- char *sharename=talloc_strdup(mem_ctx, argv[0]);
+ char *sharename;
char *path;
uint32 type = STYPE_DISKTREE; /* only allow disk shares to be added */
uint32 num_users=0, perms=0;
char *password=NULL; /* don't allow a share password */
uint32 level = 2;
+ if ((sharename = talloc_strdup(mem_ctx, argv[0])) == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
path = strchr(sharename, '=');
if (!path)
return NT_STATUS_UNSUCCESSFUL;
SRV_SHARE_INFO_1 *info1;
ctr->share.info1 = TALLOC_ARRAY(mem_ctx, SRV_SHARE_INFO_1, 1);
+ if (ctr->share.info1 == NULL) {
+ result = WERR_NOMEM;
+ goto done;
+ }
info1 = ctr->share.info1;
memset(ctr->share.info1, 0, sizeof(SRV_SHARE_INFO_1));
SRV_SHARE_INFO_2 *info2;
ctr->share.info2 = TALLOC_ARRAY(mem_ctx, SRV_SHARE_INFO_2, 1);
+ if (ctr->share.info2 == NULL) {
+ result = WERR_NOMEM;
+ goto done;
+ }
info2 = ctr->share.info2;
memset(ctr->share.info2, 0, sizeof(SRV_SHARE_INFO_2));
SRV_SHARE_INFO_502 *info502;
ctr->share.info502 = TALLOC_ARRAY(mem_ctx, SRV_SHARE_INFO_502, 1);
+ if (ctr->share.info502 == NULL) {
+ result = WERR_NOMEM;
+ goto done;
+ }
info502 = ctr->share.info502;
memset(ctr->share.info502, 0, sizeof(SRV_SHARE_INFO_502));
strupper_m(acct_name);
- names = TALLOC_ARRAY(mem_ctx, const char *, 1);
+ if ((names = TALLOC_ARRAY(mem_ctx, const char *, 1)) == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
names[0] = acct_name;
fstring padding;
int pad_len, col_len = 30;
+ if (policy == NULL) {
+ policy = "Unknown";
+ }
+ if (value == NULL) {
+ value = "Invalid";
+ }
+
/* calculate padding space for d_printf to look nicer */
pad_len = col_len - strlen(policy);
padding[pad_len] = 0;
"could not open domain");
/* Create domain user */
- acct_name = talloc_asprintf(mem_ctx, "%s$", global_myname());
+ if ((acct_name = talloc_asprintf(mem_ctx, "%s$", global_myname())) == NULL) {
+ result = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
strlower_m(acct_name);
const_acct_name = acct_name;
/* get the root of the registry file */
- nk = regfio_rootkey( registry );
+ if ((nk = regfio_rootkey( registry )) == NULL) {
+ d_fprintf(stderr, "Could not get rootkey\n");
+ return 1;
+ }
d_printf("[%s]\n", nk->keyname);
dump_values( nk );
d_printf("\n");
/* get the root of the registry file */
- nk = regfio_rootkey( infile );
+ if ((nk = regfio_rootkey( infile )) == NULL) {
+ d_fprintf(stderr, "Could not get rootkey\n");
+ goto out_close_infile;
+ }
d_printf("RootKey: [%s]\n", nk->keyname);
write_registry_tree( infile, nk, NULL, outfile, "" );
}
}
+ if (pdb_get_group_sid(sam_account) == NULL) {
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
group_sid = *pdb_get_group_sid(sam_account);
if (!pdb_getgrsid(&map, group_sid)) {
return NT_STATUS_NO_MEMORY;
}
- nt_members = TALLOC_ZERO_ARRAY(t, char *, delta->num_members);
+ if ((nt_members = TALLOC_ZERO_ARRAY(t, char *, delta->num_members)) == NULL) {
+ DEBUG(0, ("talloc failed\n"));
+ talloc_free(t);
+ return NT_STATUS_NO_MEMORY;
+ }
for (i=0; i<delta->num_members; i++) {
struct samu *member = NULL;
return -1;
}
- ldap_bk = talloc_strdup(tc, lp_passdb_backend());
+ if ((ldap_bk = talloc_strdup(tc, lp_passdb_backend())) == NULL) {
+ d_fprintf(stderr, "talloc failed\n");
+ talloc_free(tc);
+ return -1;
+ }
p = strchr(ldap_bk, ':');
if (p) {
*p = 0;
d_fprintf(stderr, "Can't create Guest user, Domain Users group not available!\n");
goto done;
}
- pwd = talloc(tc, struct passwd);
+ if ((pwd = talloc(tc, struct passwd)) == NULL) {
+ d_fprintf(stderr, "talloc failed\n");
+ goto done;
+ }
pwd->pw_name = talloc_strdup(pwd, lp_guestaccount());
if (!winbind_allocate_uid(&(pwd->pw_uid))) {
d_fprintf(stderr, "Unable to allocate a new uid to create the Guest user!\n");
return net_usershare_delete_usage(argc, argv);
}
- sharename = strdup_lower(argv[0]);
+ if ((sharename = strdup_lower(argv[0])) == NULL) {
+ d_fprintf(stderr, "strdup failed\n");
+ return -1;
+ }
if (!validate_net_name(sharename, INVALID_SHARENAME_CHARS, strlen(sharename))) {
d_fprintf(stderr, "net usershare delete: share name %s contains "
}
/* Get the name */
- name = talloc_strndup(ctx, pacl, pcolon - pacl);
+ if ((name = talloc_strndup(ctx, pacl, pcolon - pacl)) == NULL) {
+ d_fprintf(stderr, "talloc_strndup failed\n");
+ talloc_destroy(ctx);
+ SAFE_FREE(sharename);
+ return -1;
+ }
if (!string_to_sid(&sid, name)) {
/* Convert to a SID */
NTSTATUS ntstatus = net_lookup_sid_from_name(ctx, name, &sid);
nt_response.length = strlen_w(((void *)nt_response.data))*sizeof(smb_ucs2_t);
- password = strdup_upper(opt_password);
+ if ((password = strdup_upper(opt_password)) == NULL) {
+ DEBUG(0, ("strdup_upper failed!\n"));
+ exit(1);
+ }
if ((convert_string_allocate(NULL, CH_UNIX,
CH_DOS, password,
/* actually do the update now */
- nk = regfio_rootkey( infile );
+ if ((nk = regfio_rootkey( infile )) == NULL) {
+ fprintf(stderr, "Could not get rootkey\n");
+ exit(3);
+ }
if ( !copy_registry_tree( infile, nk, NULL, outfile, "" ) ) {
fprintf(stderr, "Failed to write updated registry file!\n");
SEC_ACL *new_ace;
SEC_ACE *aces;
if (! *the_acl) {
- (*the_acl) = make_sec_acl(ctx, 3, 1, ace);
- return True;
+ return (((*the_acl) = make_sec_acl(ctx, 3, 1, ace)) != NULL);
}
- aces = SMB_CALLOC_ARRAY(SEC_ACE, 1+(*the_acl)->num_aces);
+ if (!(aces = SMB_CALLOC_ARRAY(SEC_ACE, 1+(*the_acl)->num_aces))) {
+ return False;
+ }
memcpy(aces, (*the_acl)->ace, (*the_acl)->num_aces * sizeof(SEC_ACE));
memcpy(aces+(*the_acl)->num_aces, ace, sizeof(SEC_ACE));
new_ace = make_sec_acl(ctx,(*the_acl)->revision,1+(*the_acl)->num_aces, aces);
git.samba.org / samba.git / commitdiff