svn commit: samba r14675 - branches/SAMBA_3_0/source/nsswitch
trunk/source/nsswitch
gd at samba.org
gd at samba.org
Thu Mar 23 13:22:55 GMT 2006
Author: gd
Date: 2006-03-23 13:22:54 +0000 (Thu, 23 Mar 2006)
New Revision: 14675
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14675
Log:
Protect against null sids and rids in the cached credentials functions.
Guenther
Modified:
branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c
trunk/source/nsswitch/winbindd_cache.c
Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c 2006-03-23 12:50:25 UTC (rev 14674)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c 2006-03-23 13:22:54 UTC (rev 14675)
@@ -800,11 +800,20 @@
struct winbind_cache *cache = get_cache(domain);
TDB_DATA data;
fstring key_str;
+ uint32 rid;
if (!cache->tdb) {
return NT_STATUS_INTERNAL_DB_ERROR;
}
+ if (is_null_sid(sid)) {
+ return NT_STATUS_INVALID_SID;
+ }
+
+ if (!(sid_peek_rid(sid, &rid)) || (rid == 0)) {
+ return NT_STATUS_INVALID_SID;
+ }
+
fstr_sprintf(key_str, "CRED/%s", sid_string_static(sid));
data = tdb_fetch(cache->tdb, make_tdb_data(key_str, strlen(key_str)));
@@ -825,11 +834,20 @@
struct cache_entry *centry = NULL;
NTSTATUS status;
time_t t;
+ uint32 rid;
if (!cache->tdb) {
return NT_STATUS_INTERNAL_DB_ERROR;
}
+ if (is_null_sid(sid)) {
+ return NT_STATUS_INVALID_SID;
+ }
+
+ if (!(sid_peek_rid(sid, &rid)) || (rid == 0)) {
+ return NT_STATUS_INVALID_SID;
+ }
+
centry = wcache_fetch(cache, domain, "CRED/%s", sid_string_static(sid));
if (!centry) {
@@ -860,9 +878,17 @@
{
struct cache_entry *centry;
fstring sid_string;
- NTSTATUS status = NT_STATUS_OK; /* ??? */
+ uint32 rid;
- centry = centry_start(domain, status);
+ if (is_null_sid(sid)) {
+ return NT_STATUS_INVALID_SID;
+ }
+
+ if (!(sid_peek_rid(sid, &rid)) || (rid == 0)) {
+ return NT_STATUS_INVALID_SID;
+ }
+
+ centry = centry_start(domain, NT_STATUS_OK);
if (!centry) {
return NT_STATUS_INTERNAL_DB_ERROR;
}
Modified: trunk/source/nsswitch/winbindd_cache.c
===================================================================
--- trunk/source/nsswitch/winbindd_cache.c 2006-03-23 12:50:25 UTC (rev 14674)
+++ trunk/source/nsswitch/winbindd_cache.c 2006-03-23 13:22:54 UTC (rev 14675)
@@ -800,11 +800,20 @@
struct winbind_cache *cache = get_cache(domain);
TDB_DATA data;
fstring key_str;
+ uint32 rid;
if (!cache->tdb) {
return NT_STATUS_INTERNAL_DB_ERROR;
}
+ if (is_null_sid(sid)) {
+ return NT_STATUS_INVALID_SID;
+ }
+
+ if (!(sid_peek_rid(sid, &rid)) || (rid == 0)) {
+ return NT_STATUS_INVALID_SID;
+ }
+
fstr_sprintf(key_str, "CRED/%s", sid_string_static(sid));
data = tdb_fetch(cache->tdb, make_tdb_data(key_str, strlen(key_str)));
@@ -825,11 +834,20 @@
struct cache_entry *centry = NULL;
NTSTATUS status;
time_t t;
+ uint32 rid;
if (!cache->tdb) {
return NT_STATUS_INTERNAL_DB_ERROR;
}
+ if (is_null_sid(sid)) {
+ return NT_STATUS_INVALID_SID;
+ }
+
+ if (!(sid_peek_rid(sid, &rid)) || (rid == 0)) {
+ return NT_STATUS_INVALID_SID;
+ }
+
centry = wcache_fetch(cache, domain, "CRED/%s", sid_string_static(sid));
if (!centry) {
@@ -860,9 +878,17 @@
{
struct cache_entry *centry;
fstring sid_string;
- NTSTATUS status = NT_STATUS_OK; /* ??? */
+ uint32 rid;
- centry = centry_start(domain, status);
+ if (is_null_sid(sid)) {
+ return NT_STATUS_INVALID_SID;
+ }
+
+ if (!(sid_peek_rid(sid, &rid)) || (rid == 0)) {
+ return NT_STATUS_INVALID_SID;
+ }
+
+ centry = centry_start(domain, NT_STATUS_OK);
if (!centry) {
return NT_STATUS_INTERNAL_DB_ERROR;
}
More information about the samba-cvs
mailing list