s3:auth: fix create_token_from_sid() to not fail in the winbindd case

Commit 1c3c5e2156d9096f60bd53a96b88c2f1001d898a which factored
the sid-based variant out of create_token_from_username() broke
the case of a user handled by winbindd in that the "found_username"
was set to NULL which caused the function to fail with
NT_STATUS_NO_MEMORY further down.

This patch fixes the function so that the case of found_username == NULL
is cleanly separated from the NO_MEMORY case and the caller can provide
the username in this case, if required.

This fixes bug #9457.

Signed-off-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Dec 10 18:18:54 CET 2012 on sn-devel-104

diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c
index 7c79ef630b23232cef30b665a22be5e0da8fa5e3..6f4bce0a8544e82001e4082046834883c7dc9f82 100644 (file)
--- a/source3/auth/token_util.c
+++ b/source3/auth/token_util.c
@@ -610,6 +610,11 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx,
                *found_username = talloc_strdup(mem_ctx,
                                                pdb_get_username(sam_acct));
 
+               if (found_username == NULL) {
+                       result = NT_STATUS_NO_MEMORY;
+                       goto done;
+               }
+
                /*
                 * If the SID from lookup_name() was the guest sid, passdb knows
                 * about the mapping of guest sid to lp_guestaccount()
@@ -700,6 +705,10 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx,
 
                /* Ensure we're returning the found_username on the right context. */
                *found_username = talloc_strdup(mem_ctx, pass->pw_name);
+               if (found_username == NULL) {
+                       result = NT_STATUS_NO_MEMORY;
+                       goto done;
+               }
        } else {
 
                /* This user is from winbind, force the primary gid to the
@@ -737,7 +746,6 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx,
 
                gids = gid;
 
-               /* Ensure we're returning the found_username on the right context. */
                *found_username = NULL;
        }
 
@@ -770,7 +778,7 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx,
        *token = create_local_nt_token(mem_ctx, user_sid,
                                       is_guest, num_group_sids, group_sids);
 
-       if ((*token == NULL) || (*found_username == NULL)) {
+       if (*token == NULL) {
                result = NT_STATUS_NO_MEMORY;
                goto done;
        }