[SCM] Samba Shared Repository - branch master updated

Andreas Schneider asn at samba.org
Tue Dec 11 12:05:02 MST 2012 

The branch, master has been updated
       via  0f75d92 s3:auth: Tidy up some of the API confusion in create_token_from_XXX() calls.
       via  a20c474 s3:auth: fix dereference level in talloc checks in  create_token_from_sid()
      from  9ee3343 selftest: skip the samba4.rpc.samr.passwords test in ncacn_np(dc) and s4member environments

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 0f75d9274cff7095dfab251307231a5a911f0c8d
Author: Jeremy Allison <jra at samba.org>
Date:   Mon Dec 10 13:22:10 2012 -0800

    s3:auth: Tidy up some of the API confusion in create_token_from_XXX() calls.
    
    Based on Michaels example, split out the return of NT_STATUS_NO_MEMORY
    on talloc fail from other possible errors. Allow the NTSTATUS return
    to be the only valid indication of success in these calls.
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Michael Adam <obnox at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>
    
    Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
    Autobuild-Date(master): Tue Dec 11 20:04:25 CET 2012 on sn-devel-104

commit a20c47410fb74716c0c8b2583fd4d0ae0145fd7d
Author: Michael Adam <obnox at samba.org>
Date:   Tue Dec 11 18:05:31 2012 +0100

    s3:auth: fix dereference level in talloc checks in  create_token_from_sid()
    
    Commit c5b150b33fc54ed97dbd0736cc6f4c15977d6e70 introduced these checks.
    The current check "found_username == NULL" is wrong (we would segfault earlier
    in this case). We need to check *found_username == NULL instead as
    noted by Günter.
    
    Reported-by: Günter Kukkukk <linux at kukkukk.com>
    Signed-off-by: Michael Adam <obnox at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 source3/auth/token_util.c |   19 +++++++++++--------
 1 files changed, 11 insertions(+), 8 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c
index 8a73a71..ac242f1 100644
--- a/source3/auth/token_util.c
+++ b/source3/auth/token_util.c
@@ -610,7 +610,7 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx,
 		*found_username = talloc_strdup(mem_ctx,
 						pdb_get_username(sam_acct));
 
-		if (found_username == NULL) {
+		if (*found_username == NULL) {
 			result = NT_STATUS_NO_MEMORY;
 			goto done;
 		}
@@ -705,7 +705,7 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx,
 
 		/* Ensure we're returning the found_username on the right context. */
 		*found_username = talloc_strdup(mem_ctx, pass->pw_name);
-		if (found_username == NULL) {
+		if (*found_username == NULL) {
 			result = NT_STATUS_NO_MEMORY;
 			goto done;
 		}
@@ -837,16 +837,19 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
 		goto done;
 	}
 
+	/*
+	 * If result == NT_STATUS_OK then
+	 * we know we have a valid token. Ensure
+	 * we also have a valid username to match.
+	 */
+
 	if (*found_username == NULL) {
 		*found_username = talloc_strdup(mem_ctx, username);
+		if (*found_username == NULL) {
+			result = NT_STATUS_NO_MEMORY;
+		}
 	}
 
-	if ((*token == NULL) || (*found_username == NULL)) {
-		result = NT_STATUS_NO_MEMORY;
-		goto done;
-	}
-
-	result = NT_STATUS_OK;
 done:
 	TALLOC_FREE(tmp_ctx);
 	return result;


-- 
Samba Shared Repository

More information about the samba-cvs mailing list