svn commit: samba r17496 - in branches/SAMBA_3_0/source/utils: .

[jra at samba.org]

Author: jra
Date: 2006-08-11 18:09:59 +0000 (Fri, 11 Aug 2006)
New Revision: 17496

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=17496

Log:
net groupmap add could add uninitialized sid_name_type
entries to the group mapping db. Ensure this can't happen.
Jeremy.

Modified:
   branches/SAMBA_3_0/source/utils/net_groupmap.c


Changeset:
Modified: branches/SAMBA_3_0/source/utils/net_groupmap.c
===================================================================
--- branches/SAMBA_3_0/source/utils/net_groupmap.c	2006-08-11 13:16:59 UTC (rev 17495)
+++ branches/SAMBA_3_0/source/utils/net_groupmap.c	2006-08-11 18:09:59 UTC (rev 17496)
@@ -188,7 +188,14 @@
 	uint32 rid = 0;	
 	int i;
 	GROUP_MAP map;
-	
+	const char *name_type;
+
+	ZERO_STRUCT(map);
+
+	/* Default is domain group. */
+	map.sid_name_use = SID_NAME_DOM_GRP;
+	name_type = "domain group";
+
 	/* get the options */
 	for ( i=0; i<argc; i++ ) {
 		if ( !StrnCaseCmp(argv[i], "rid", strlen("rid")) ) {
@@ -237,15 +244,21 @@
 				case 'b':
 				case 'B':
 					map.sid_name_use = SID_NAME_WKN_GRP;
+					name_type = "wellknown group";
 					break;
 				case 'd':
 				case 'D':
 					map.sid_name_use = SID_NAME_DOM_GRP;
+					name_type = "domain group";
 					break;
 				case 'l':
 				case 'L':
 					map.sid_name_use = SID_NAME_ALIAS;
+					name_type = "alias (local) group";
 					break;
+				default:
+					d_fprintf(stderr, "unknown group type %s\n", type);
+					return -1;
 			}
 		}
 		else {
@@ -316,8 +329,8 @@
 		return -1;
 	}
 
-	d_printf("Successfully added group %s to the mapping db\n",
-		 map.nt_name);
+	d_printf("Successfully added group %s to the mapping db as a %s\n",
+		 map.nt_name, name_type);
 	return 0;
 }
 
@@ -413,15 +426,19 @@
 	 * Allow changing of group type only between domain and local
 	 * We disallow changing Builtin groups !!! (SID problem)
 	 */ 
-	if (sid_type != SID_NAME_UNKNOWN) { 
-		if (map.sid_name_use == SID_NAME_WKN_GRP) {
-			d_fprintf(stderr, "You can only change between domain and local groups.\n");
-			return -1;
-		}
-		
-		map.sid_name_use=sid_type;
+
+	if (sid_type == SID_NAME_UNKNOWN) {
+		d_fprintf(stderr, "Can't map to an unknown group type.\n");
+		return -1;
 	}
 
+	if (map.sid_name_use == SID_NAME_WKN_GRP) {
+		d_fprintf(stderr, "You can only change between domain and local groups.\n");
+		return -1;
+	}
+		
+	map.sid_name_use=sid_type;
+
 	/* Change comment if new one */
 	if ( ntcomment[0] )
 		fstrcpy( map.comment, ntcomment );