svn commit: samba r20329 - in branches: SAMBA_3_0/source/nsswitch SAMBA_3_0_24/source/nsswitch

jra at samba.org jra at samba.org
Sat Dec 23 00:17:16 GMT 2006 

Author: jra
Date: 2006-12-23 00:17:15 +0000 (Sat, 23 Dec 2006)
New Revision: 20329

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=20329

Log:
Fix a winbindd crash bug. If someone pulls
the network cable out of the machine *exactly*
after the init_dc_connect() call in cm_connect_sam()
or cm_connect_lsa() call succeeded but before any
of the other calls fail, and they have debug level
10 set in the log, then we'd crash due to dereferencing
a now NULL pointer (conn->cli gets set to NULL when
the init_dc_connect() call called from cm_get_schannel_dcinfo()
fails). Yes, before you ask this *did* happen on a 
customer site :-).
Jeremy.

Modified:
   branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c
   branches/SAMBA_3_0_24/source/nsswitch/winbindd_cm.c


Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c	2006-12-22 22:34:45 UTC (rev 20328)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c	2006-12-23 00:17:15 UTC (rev 20329)
@@ -1623,7 +1623,7 @@
 			struct rpc_pipe_client **cli, POLICY_HND *sam_handle)
 {
 	struct winbindd_cm_conn *conn;
-	NTSTATUS result;
+	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 	fstring conn_pwd;
 	struct dcinfo *p_dcinfo;
 
@@ -1693,8 +1693,9 @@
 	/* Fall back to schannel if it's a W2K pre-SP1 box. */
 
 	if (!cm_get_schannel_dcinfo(domain, &p_dcinfo)) {
+		/* If this call fails - conn->cli can now be NULL ! */
 		DEBUG(10, ("cm_connect_sam: Could not get schannel auth info "
-			   "for domain %s, trying anon\n", conn->cli->domain));
+			   "for domain %s, trying anon\n", domain->name));
 		goto anonymous;
 	}
 	conn->samr_pipe = cli_rpc_pipe_open_schannel_with_key
@@ -1766,7 +1767,7 @@
 			struct rpc_pipe_client **cli, POLICY_HND *lsa_policy)
 {
 	struct winbindd_cm_conn *conn;
-	NTSTATUS result;
+	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 	fstring conn_pwd;
 	struct dcinfo *p_dcinfo;
 
@@ -1825,8 +1826,9 @@
 	/* Fall back to schannel if it's a W2K pre-SP1 box. */
 
 	if (!cm_get_schannel_dcinfo(domain, &p_dcinfo)) {
+		/* If this call fails - conn->cli can now be NULL ! */
 		DEBUG(10, ("cm_connect_lsa: Could not get schannel auth info "
-			   "for domain %s, trying anon\n", conn->cli->domain));
+			   "for domain %s, trying anon\n", domain->name));
 		goto anonymous;
 	}
 	conn->lsa_pipe = cli_rpc_pipe_open_schannel_with_key
@@ -1869,7 +1871,7 @@
  done:
 	if (!NT_STATUS_IS_OK(result)) {
 		invalidate_cm_connection(conn);
-		return NT_STATUS_UNSUCCESSFUL;
+		return result;
 	}
 
 	*cli = conn->lsa_pipe;

Modified: branches/SAMBA_3_0_24/source/nsswitch/winbindd_cm.c
===================================================================
--- branches/SAMBA_3_0_24/source/nsswitch/winbindd_cm.c	2006-12-22 22:34:45 UTC (rev 20328)
+++ branches/SAMBA_3_0_24/source/nsswitch/winbindd_cm.c	2006-12-23 00:17:15 UTC (rev 20329)
@@ -1623,7 +1623,7 @@
 			struct rpc_pipe_client **cli, POLICY_HND *sam_handle)
 {
 	struct winbindd_cm_conn *conn;
-	NTSTATUS result;
+	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 	fstring conn_pwd;
 	struct dcinfo *p_dcinfo;
 
@@ -1693,8 +1693,9 @@
 	/* Fall back to schannel if it's a W2K pre-SP1 box. */
 
 	if (!cm_get_schannel_dcinfo(domain, &p_dcinfo)) {
+		/* If this call fails - conn->cli can now be NULL ! */
 		DEBUG(10, ("cm_connect_sam: Could not get schannel auth info "
-			   "for domain %s, trying anon\n", conn->cli->domain));
+			   "for domain %s, trying anon\n", domain->name));
 		goto anonymous;
 	}
 	conn->samr_pipe = cli_rpc_pipe_open_schannel_with_key
@@ -1766,7 +1767,7 @@
 			struct rpc_pipe_client **cli, POLICY_HND *lsa_policy)
 {
 	struct winbindd_cm_conn *conn;
-	NTSTATUS result;
+	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 	fstring conn_pwd;
 	struct dcinfo *p_dcinfo;
 
@@ -1825,8 +1826,9 @@
 	/* Fall back to schannel if it's a W2K pre-SP1 box. */
 
 	if (!cm_get_schannel_dcinfo(domain, &p_dcinfo)) {
+		/* If this call fails - conn->cli can now be NULL ! */
 		DEBUG(10, ("cm_connect_lsa: Could not get schannel auth info "
-			   "for domain %s, trying anon\n", conn->cli->domain));
+			   "for domain %s, trying anon\n", domain->name));
 		goto anonymous;
 	}
 	conn->lsa_pipe = cli_rpc_pipe_open_schannel_with_key
@@ -1869,7 +1871,7 @@
  done:
 	if (!NT_STATUS_IS_OK(result)) {
 		invalidate_cm_connection(conn);
-		return NT_STATUS_UNSUCCESSFUL;
+		return result;
 	}
 
 	*cli = conn->lsa_pipe;

More information about the samba-cvs mailing list