libcli/security/sddl: improve some SDDL error messages

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/libcli/security/sddl.c b/libcli/security/sddl.c
index a4659c107b5532ffafb0c5c08fcc8cfc3a95015b..1f2ac644f67f5272ec5346184f460fd3fbe1dc22 100644 (file)
--- a/libcli/security/sddl.c
+++ b/libcli/security/sddl.c
@@ -731,7 +731,8 @@ static bool sddl_decode_ace(TALLOC_CTX *mem_ctx,
                if (s[length] != ')') {
                        *msg = talloc_strdup(
                                mem_ctx,
-                               "Conditional ACE has trailing bytes");
+                               "Conditional ACE has trailing bytes"
+                               " or lacks ')'");
                        *msg_offset = s + length - *sddl_copy;
                        return false;
                }
@@ -767,7 +768,8 @@ static bool sddl_decode_ace(TALLOC_CTX *mem_ctx,
                if (s[length] != ')') {
                        *msg = talloc_strdup(
                                mem_ctx,
-                               "Resource Attribute ACE has trailing bytes");
+                               "Resource Attribute ACE has trailing bytes"
+                               " or lacks ')'");
                        *msg_offset = s + length - *sddl_copy;
                        return false;
                }