svn commit: samba r9294 - in trunk/source/smbd: .

[jra at samba.org]

Author: jra
Date: 2005-08-13 01:48:31 +0000 (Sat, 13 Aug 2005)
New Revision: 9294

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=9294

Log:
Fix error path memory leak bug found by Coverity - also potential NULL
deref bug (in unlikely error path) found by Coverity.
Jeremy.

Modified:
   trunk/source/smbd/posix_acls.c


Changeset:
Modified: trunk/source/smbd/posix_acls.c
===================================================================
--- trunk/source/smbd/posix_acls.c	2005-08-13 01:48:29 UTC (rev 9293)
+++ trunk/source/smbd/posix_acls.c	2005-08-13 01:48:31 UTC (rev 9294)
@@ -1548,8 +1548,12 @@
 		 * entries can be converted to *_OBJ. Usually we will already have these
 		 * entries in the Default ACL, and the Access ACL will not have them.
 		 */
-		check_owning_objs(file_ace, pfile_owner_sid, pfile_grp_sid);
-		check_owning_objs(dir_ace, pfile_owner_sid, pfile_grp_sid);
+		if (file_ace) {
+			check_owning_objs(file_ace, pfile_owner_sid, pfile_grp_sid);
+		}
+		if (dir_ace) {
+			check_owning_objs(dir_ace, pfile_owner_sid, pfile_grp_sid);
+		}
 	}
 
 	*ppfile_ace = file_ace;
@@ -2801,7 +2805,7 @@
 	
 		if (count_canon_ace_list(file_ace) == 0) {
 			DEBUG(0,("get_nt_acl : No ACLs on file (%s) !\n", fsp->fsp_name ));
-			return 0;
+			goto done;
 		}
 
 		if (fsp->is_directory && def_acl) {
@@ -2950,33 +2954,37 @@
 	if(!psd) {
 		DEBUG(0,("get_nt_acl: Unable to malloc space for security descriptor.\n"));
 		sd_size = 0;
-	} else {
-		/*
-		 * Windows 2000: The DACL_PROTECTED flag in the security
-		 * descriptor marks the ACL as non-inheriting, i.e., no
-		 * ACEs from higher level directories propagate to this
-		 * ACL. In the POSIX ACL model permissions are only
-		 * inherited at file create time, so ACLs never contain
-		 * any ACEs that are inherited dynamically. The DACL_PROTECTED
-		 * flag doesn't seem to bother Windows NT.
-		 * Always set this if map acl inherit is turned off.
-		 */
-		if (get_protected_flag(pal) || !lp_map_acl_inherit(SNUM(conn))) {
-			psd->type |= SE_DESC_DACL_PROTECTED;
-		}
+		goto done;
 	}
 
-	if (psd->dacl)
+	/*
+	 * Windows 2000: The DACL_PROTECTED flag in the security
+	 * descriptor marks the ACL as non-inheriting, i.e., no
+	 * ACEs from higher level directories propagate to this
+	 * ACL. In the POSIX ACL model permissions are only
+	 * inherited at file create time, so ACLs never contain
+	 * any ACEs that are inherited dynamically. The DACL_PROTECTED
+	 * flag doesn't seem to bother Windows NT.
+	 * Always set this if map acl inherit is turned off.
+	 */
+	if (get_protected_flag(pal) || !lp_map_acl_inherit(SNUM(conn))) {
+		psd->type |= SE_DESC_DACL_PROTECTED;
+	}
+
+	if (psd->dacl) {
 		dacl_sort_into_canonical_order(psd->dacl->ace, (unsigned int)psd->dacl->num_aces);
+	}
 
 	*ppdesc = psd;
 
  done:
 
-	if (posix_acl)
+	if (posix_acl) {
 		SMB_VFS_SYS_ACL_FREE_ACL(conn, posix_acl);
-	if (def_acl)
+	}
+	if (def_acl) {
 		SMB_VFS_SYS_ACL_FREE_ACL(conn, def_acl);
+	}
 	free_canon_ace_list(file_ace);
 	free_canon_ace_list(dir_ace);
 	free_inherited_info(pal);