libcli/security: tree and replace sid are not optional to sec_access_check_ds()
authorStefan Metzmacher <metze@samba.org>
Wed, 16 Jan 2013 09:07:45 +0000 (10:07 +0100)
committerStefan Metzmacher <metze@samba.org>
Mon, 27 Jun 2016 19:49:41 +0000 (21:49 +0200)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
libcli/security/access_check.c

index 2be59289347a7bf126bb00c4371bfef187729891..04287d0a2137c5827aee4b918a10df526e8ff4e5 100644 (file)
@@ -461,7 +461,7 @@ NTSTATUS sec_access_check_ds(const struct security_descriptor *sd,
                        continue;
                }
 
-               if (dom_sid_equal(&ace->trustee, &self_sid) && replace_sid) {
+               if (dom_sid_equal(&ace->trustee, &self_sid)) {
                        trustee = replace_sid;
                } else {
                        trustee = &ace->trustee;
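Review bot: Nothing in the new code enforces the contract the commit title states. With the `&& replace_sid` test gone, a NULL `replace_sid` is assigned to `trustee` whenever an ACE's trustee is the self SID, and the `SEC_ACE_TYPE_ACCESS_ALLOWED` hunk below now passes `tree` to `object_tree_modify_access()` unconditionally. How the code after these lines treats a NULL is not visible here, so a caller that still passes NULL may crash or get an access decision computed from a missing trustee. I would fail closed at the top of `sec_access_check_ds()`, which begins outside this hunk, with `if (tree == NULL || replace_sid == NULL) { return NT_STATUS_INVALID_PARAMETER; }`, and state the non-NULL requirement in the function's header comment.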
@@ -473,9 +473,7 @@ NTSTATUS sec_access_check_ds(const struct security_descriptor *sd,
 
                switch (ace->type) {
                case SEC_ACE_TYPE_ACCESS_ALLOWED:
-                       if (tree) {
-                               object_tree_modify_access(tree, ace->access_mask);
-                       }
+                       object_tree_modify_access(tree, ace->access_mask);
 
                        bits_remaining &= ~ace->access_mask;
                        break;
@@ -493,16 +491,14 @@ NTSTATUS sec_access_check_ds(const struct security_descriptor *sd,
                         */
                        type = get_ace_object_type(ace);
 
-                       if (!tree) {
-                               continue;
-                       }
-
                        if (!type) {
                                node = tree;
                        } else {
-                               if (!(node = get_object_tree_by_GUID(tree, type))) {
-                                       continue;
-                               }
+                               node = get_object_tree_by_GUID(tree, type);
+                       }
+
+                       if (node == NULL) {
+                               continue;
                        }
 
                        if (ace->type == SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT) {
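Review bot: The merged `if (node == NULL)` check still silently skips the object ACE when `tree` itself is NULL, because the `!type` branch sets `node = tree`. That sits oddly with a commit that makes `tree` mandatory, and it sends a caller error down the same path as a GUID that is simply absent from the tree. If the branches after this check also handle denied object ACEs, as the `SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT` test suggests, the skip would ignore a deny entry rather than fail the check. A comment on the check would make the intent explicit, e.g. `/* tree is never NULL here; node is NULL only if the ACE's object type is not in the tree */`. The enclosing switch case continues past the end of this hunk.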