svn commit: samba r14279 - branches/SAMBA_3_0/source/libsmb
trunk/source/libsmb
jmcd at samba.org
jmcd at samba.org
Mon Mar 13 01:42:44 GMT 2006
Author: jmcd
Date: 2006-03-13 01:42:40 +0000 (Mon, 13 Mar 2006)
New Revision: 14279
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14279
Log:
Fix coverity #86, 87, 88, 89:
Free grp_sid and owner_sid before returning. Also, only allow one group
or owner.
Modified:
branches/SAMBA_3_0/source/libsmb/libsmbclient.c
trunk/source/libsmb/libsmbclient.c
Changeset:
Modified: branches/SAMBA_3_0/source/libsmb/libsmbclient.c
===================================================================
--- branches/SAMBA_3_0/source/libsmb/libsmbclient.c 2006-03-13 01:32:30 UTC (rev 14278)
+++ branches/SAMBA_3_0/source/libsmb/libsmbclient.c 2006-03-13 01:42:40 UTC (rev 14279)
@@ -3922,7 +3922,7 @@
{
const char *p = str;
fstring tok;
- SEC_DESC *ret;
+ SEC_DESC *ret = NULL;
size_t sd_size;
DOM_SID *grp_sid=NULL;
DOM_SID *owner_sid=NULL;
@@ -3937,49 +3937,65 @@
}
if (StrnCaseCmp(tok,"OWNER:", 6) == 0) {
+ if (owner_sid) {
+ DEBUG(5, ("OWNER specified more than once!\n"));
+ goto done;
+ }
owner_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
if (!owner_sid ||
!convert_string_to_sid(ipc_cli, pol,
numeric,
owner_sid, tok+6)) {
DEBUG(5, ("Failed to parse owner sid\n"));
- return NULL;
+ goto done;
}
continue;
}
if (StrnCaseCmp(tok,"OWNER+:", 7) == 0) {
+ if (owner_sid) {
+ DEBUG(5, ("OWNER specified more than once!\n"));
+ goto done;
+ }
owner_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
if (!owner_sid ||
!convert_string_to_sid(ipc_cli, pol,
False,
owner_sid, tok+7)) {
DEBUG(5, ("Failed to parse owner sid\n"));
- return NULL;
+ goto done;
}
continue;
}
if (StrnCaseCmp(tok,"GROUP:", 6) == 0) {
+ if (grp_sid) {
+ DEBUG(5, ("GROUP specified more than once!\n"));
+ goto done;
+ }
grp_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
if (!grp_sid ||
!convert_string_to_sid(ipc_cli, pol,
numeric,
grp_sid, tok+6)) {
DEBUG(5, ("Failed to parse group sid\n"));
- return NULL;
+ goto done;
}
continue;
}
if (StrnCaseCmp(tok,"GROUP+:", 7) == 0) {
+ if (grp_sid) {
+ DEBUG(5, ("GROUP specified more than once!\n"));
+ goto done;
+ }
grp_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
if (!grp_sid ||
!convert_string_to_sid(ipc_cli, pol,
False,
grp_sid, tok+6)) {
DEBUG(5, ("Failed to parse group sid\n"));
- return NULL;
+ goto done;
}
continue;
}
@@ -3988,11 +4004,11 @@
SEC_ACE ace;
if (!parse_ace(ipc_cli, pol, &ace, numeric, tok+4)) {
DEBUG(5, ("Failed to parse ACL %s\n", tok));
- return NULL;
+ goto done;
}
if(!add_ace(&dacl, &ace, ctx)) {
DEBUG(5, ("Failed to add ACL %s\n", tok));
- return NULL;
+ goto done;
}
continue;
}
@@ -4001,22 +4017,23 @@
SEC_ACE ace;
if (!parse_ace(ipc_cli, pol, &ace, False, tok+5)) {
DEBUG(5, ("Failed to parse ACL %s\n", tok));
- return NULL;
+ goto done;
}
if(!add_ace(&dacl, &ace, ctx)) {
DEBUG(5, ("Failed to add ACL %s\n", tok));
- return NULL;
+ goto done;
}
continue;
}
DEBUG(5, ("Failed to parse security descriptor\n"));
- return NULL;
+ goto done;
}
ret = make_sec_desc(ctx, revision, SEC_DESC_SELF_RELATIVE,
owner_sid, grp_sid, NULL, dacl, &sd_size);
+ done:
SAFE_FREE(grp_sid);
SAFE_FREE(owner_sid);
Modified: trunk/source/libsmb/libsmbclient.c
===================================================================
--- trunk/source/libsmb/libsmbclient.c 2006-03-13 01:32:30 UTC (rev 14278)
+++ trunk/source/libsmb/libsmbclient.c 2006-03-13 01:42:40 UTC (rev 14279)
@@ -3922,7 +3922,7 @@
{
const char *p = str;
fstring tok;
- SEC_DESC *ret;
+ SEC_DESC *ret = NULL;
size_t sd_size;
DOM_SID *grp_sid=NULL;
DOM_SID *owner_sid=NULL;
@@ -3937,49 +3937,65 @@
}
if (StrnCaseCmp(tok,"OWNER:", 6) == 0) {
+ if (owner_sid) {
+ DEBUG(5, ("OWNER specified more than once!\n"));
+ goto done;
+ }
owner_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
if (!owner_sid ||
!convert_string_to_sid(ipc_cli, pol,
numeric,
owner_sid, tok+6)) {
DEBUG(5, ("Failed to parse owner sid\n"));
- return NULL;
+ goto done;
}
continue;
}
if (StrnCaseCmp(tok,"OWNER+:", 7) == 0) {
+ if (owner_sid) {
+ DEBUG(5, ("OWNER specified more than once!\n"));
+ goto done;
+ }
owner_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
if (!owner_sid ||
!convert_string_to_sid(ipc_cli, pol,
False,
owner_sid, tok+7)) {
DEBUG(5, ("Failed to parse owner sid\n"));
- return NULL;
+ goto done;
}
continue;
}
if (StrnCaseCmp(tok,"GROUP:", 6) == 0) {
+ if (grp_sid) {
+ DEBUG(5, ("GROUP specified more than once!\n"));
+ goto done;
+ }
grp_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
if (!grp_sid ||
!convert_string_to_sid(ipc_cli, pol,
numeric,
grp_sid, tok+6)) {
DEBUG(5, ("Failed to parse group sid\n"));
- return NULL;
+ goto done;
}
continue;
}
if (StrnCaseCmp(tok,"GROUP+:", 7) == 0) {
+ if (grp_sid) {
+ DEBUG(5, ("GROUP specified more than once!\n"));
+ goto done;
+ }
grp_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
if (!grp_sid ||
!convert_string_to_sid(ipc_cli, pol,
False,
grp_sid, tok+6)) {
DEBUG(5, ("Failed to parse group sid\n"));
- return NULL;
+ goto done;
}
continue;
}
@@ -3988,11 +4004,11 @@
SEC_ACE ace;
if (!parse_ace(ipc_cli, pol, &ace, numeric, tok+4)) {
DEBUG(5, ("Failed to parse ACL %s\n", tok));
- return NULL;
+ goto done;
}
if(!add_ace(&dacl, &ace, ctx)) {
DEBUG(5, ("Failed to add ACL %s\n", tok));
- return NULL;
+ goto done;
}
continue;
}
@@ -4001,22 +4017,23 @@
SEC_ACE ace;
if (!parse_ace(ipc_cli, pol, &ace, False, tok+5)) {
DEBUG(5, ("Failed to parse ACL %s\n", tok));
- return NULL;
+ goto done;
}
if(!add_ace(&dacl, &ace, ctx)) {
DEBUG(5, ("Failed to add ACL %s\n", tok));
- return NULL;
+ goto done;
}
continue;
}
DEBUG(5, ("Failed to parse security descriptor\n"));
- return NULL;
+ goto done;
}
ret = make_sec_desc(ctx, revision, SEC_DESC_SELF_RELATIVE,
owner_sid, grp_sid, NULL, dacl, &sd_size);
+ done:
SAFE_FREE(grp_sid);
SAFE_FREE(owner_sid);
More information about the samba-cvs
mailing list