[SCM] Samba Shared Repository - branch v4-1-test updated
Karolin Seeger
kseeger at samba.org
Thu Jan 15 04:11:33 MST 2015
The branch, v4-1-test has been updated
via c4e46cd VERSION: Bump version up to 4.1.17.
via af5c876 Merge tag 'samba-4.1.16' into v4-1-test
via 1c6bcc0 smbd: Fix CID 1063259 Uninitialized scalar variable
via 5bbf2df s3-libads: Fix a possible segfault in kerberos_fetch_pac().
via e968af8 spoolss: clear PrinterInfo on GetPrinter error
via fd9daf3 spoolss: clear info on GetPrinterDriverDirectory error
via fcbeb46 spoolss: clear info on GetPrintProcessorDirectory error
via 50a72f0 spoolss: clear FormInfo on GetForm error
via 1719bda spoolss: clear DriverInfo on GetPrinterDriver2 error
via a9dab56 spoolss: clear JobInfo on GetJob error
via c5cff32 vfs: Add glusterfs manpage.
via ecb145c net: Fix sam addgroupmem
via 333d257 dsdb: Add tokenGroupsGlobalAndUniversal, tokenGroups, tokenGroupsNoGCAcceptable
via 2baeba4 s3-util: Fix authentication with long hostnames.
via 1e682c3 VERSION: Disable git snapshots for the 4.1.16 release.
via 8010553 WHATSNEW: Add release notes for Samba 4.1.16.
via 5cc1c0e CVE-2014-8143:dsdb-samldb: Check for extended access rights before we allow changes to userAccountControl
via 3c93b57 CVE-2014-8143:dsdb: Allow use of dsdb_autotransaction_request outside util.c
via f2cb9b9 CVE-2014-8143:pydsdb: Pull in UF_USE_AES_KEYS flag
via 9e15786 CVE-2014-8143:auth: Force talloc type of session_info pointer to match
via cc49a60 VERSION: Bump version up to 4.1.16...
from 9f52de7 VERSION: Bump version up to 4.1.16...
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-1-test
- Log -----------------------------------------------------------------
commit c4e46cd4e32ef5bf25f3a21f74bb40dfb1dd3c0d
Author: Karolin Seeger <kseeger at samba.org>
Date: Thu Jan 15 12:10:58 2015 +0100
VERSION: Bump version up to 4.1.17.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
commit af5c87631de5712b2b31856233c23ca772eb8aa4
Merge: 1c6bcc0 1e682c3
Author: Karolin Seeger <kseeger at samba.org>
Date: Thu Jan 15 12:10:22 2015 +0100
Merge tag 'samba-4.1.16' into v4-1-test
samba: tag release samba-4.1.16
commit 1c6bcc0d7f63fe3b18500bd2a5d532746302345c
Author: Volker Lendecke <vl at samba.org>
Date: Sun Aug 18 20:35:32 2013 +0000
smbd: Fix CID 1063259 Uninitialized scalar variable
Signed-off-by: Volker Lendecke <vl at samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11041
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit cc983c9a6a92f3d127ec6461b15aed3fa90e6d30)
Reviewed-by: David Disseldorp <ddiss at samba.org>
commit 5bbf2df3fe60ed124a05a515d7128fe5e750f29b
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jan 7 17:12:54 2015 +0100
s3-libads: Fix a possible segfault in kerberos_fetch_pac().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11037
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit a13e29cc4345d85ab6fe4482119386b87e4e8673)
commit e968af8e5e7e1d19b7da2222270e8af01f1ea49a
Author: David Disseldorp <ddiss at samba.org>
Date: Wed Dec 17 16:54:42 2014 +0100
spoolss: clear PrinterInfo on GetPrinter error
If an error is returned without zeroing a pre-allocated @info pointer,
then marshalling of the response will fail.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit a11e97b79645ff0d9e7d20f5318a979194a858fe)
commit fd9daf39e7faa76a5b8b47c316a16ed257dea837
Author: David Disseldorp <ddiss at samba.org>
Date: Wed Dec 17 16:47:50 2014 +0100
spoolss: clear info on GetPrinterDriverDirectory error
If an error is returned without zeroing a pre-allocated @info pointer,
then marshalling of the response will fail.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit c9fccb5018f9a19bb654b9ad79aa716e37a274d6)
commit fcbeb4638d2120c20ff361720723554cbf1e4c3a
Author: David Disseldorp <ddiss at samba.org>
Date: Wed Dec 17 15:54:22 2014 +0100
spoolss: clear info on GetPrintProcessorDirectory error
If an error is returned without zeroing a pre-allocated @info pointer,
then marshalling of the response will fail.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 679c781112ce6b7cffca11c28e58ae5f9a0d717d)
commit 50a72f093547d543036ea7a3df3d1ef49590af17
Author: David Disseldorp <ddiss at samba.org>
Date: Wed Dec 17 15:29:52 2014 +0100
spoolss: clear FormInfo on GetForm error
In handling a spoolss GetForm request, the handler may return an
immediate error if one of the input parameters is invalid. If this is
done without zeroing the pre-allocated @info pointer, then marshalling
of the response will fail.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit b113ed6043622cdec68f3a70631b363594f3a8d0)
commit 1719bdaffe2a13166256aa24526dbd0b3aaeb0ca
Author: David Disseldorp <ddiss at samba.org>
Date: Wed Dec 17 15:21:33 2014 +0100
spoolss: clear DriverInfo on GetPrinterDriver2 error
In handling a spoolss GetPrinterDriver2 request, the handler may
return an immediate error if one of the input parameters is invalid.
If this is done without zeroing the pre-allocated @info pointer, then
marshalling of the response will fail.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit fb9ecb044ee986ab3496da6cbad162a224378475)
commit a9dab567e882a6ffd376c5f39112cf00866c2d63
Author: David Disseldorp <ddiss at samba.org>
Date: Thu Dec 4 20:03:39 2014 +0100
spoolss: clear JobInfo on GetJob error
In handling a spoolss GetJob request, the _spoolss_GetJob() handler may
return an immediate error if one of the input parameters is invalid. If
this is done without zeroing the pre-allocated @info pointer, then
api_spoolss_GetJob() will attempt to marshall @info, which in the case
of an @offered value of zero results in a marshalling error:
ndr_push_error(7): Bad subcontext (PUSH) content_size 64 is larger
than size_is(0)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10984
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 89869e090c56a3f83b451b437f9c3f40a231dd24)
commit c5cff323b43d9c9785cce4495921dc755da8991a
Author: Günther Deschner <gd at samba.org>
Date: Wed Dec 17 13:48:53 2014 +0100
vfs: Add glusterfs manpage.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10240
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Wed Jan 7 20:57:57 CET 2015 on sn-devel-104
commit ecb145cb1400aa68903b2ee25476f6a4768f193f
Author: Volker Lendecke <vl at samba.org>
Date: Tue Jan 13 12:51:13 2015 +0100
net: Fix sam addgroupmem
Domain local groups come across as SID_TYPE_ALIAS and are sent to us in the
PAC/Info3 struct. We should allow this in net sam addgroupmem.
Volker
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11051
Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Tue Jan 13 15:28:16 CET 2015 on sn-devel-104
commit 333d25739eb5a0d347ff8c57726ea184af4c1ec9
Author: Garming Sam <garming at catalyst.net.nz>
Date: Thu Dec 4 11:53:12 2014 +1300
dsdb: Add tokenGroupsGlobalAndUniversal, tokenGroups, tokenGroupsNoGCAcceptable
This includes additional tests based directly on the docs, rather than
simply testing our internal implementation in client and server contexts,
that create a user and groups.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11022
Pair-programmed-with: Garming Sam <garming at catalyst.net.nz>
Signed-off-by: Garming-Sam <garming at catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Mon Dec 22 17:17:02 CET 2014 on sn-devel-104
(similar to commit e4213512d0a967e87a74a1ae816c903fb38dd8b9)
commit 2baeba404c3d18d032860503385f174c269fc991
Author: Andreas Schneider <asn at samba.org>
Date: Mon Jan 12 18:12:13 2015 +0100
s3-util: Fix authentication with long hostnames.
If the hostname is longer than MAX_NETBIOSNAME_LEN we fail to correctly
check the hostname.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11008
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit da2611adef32107f5a0eec97501c01232ab72efc)
Signed-off-by: Andreas Schneider <asn at samba.org>
-----------------------------------------------------------------------
Summary of changes:
VERSION | 2 +-
WHATSNEW.txt | 55 ++++-
docs-xml/manpages/vfs_glusterfs.8.xml | 151 ++++++++++++
docs-xml/wscript_build | 1 +
librpc/idl/security.idl | 13 +-
source3/lib/util.c | 4 +-
source3/libads/authdata.c | 8 +-
source3/rpc_server/spoolss/srv_spoolss_nt.c | 78 ++++--
source3/smbd/process.c | 1 +
source3/utils/net_sam.c | 8 +-
source4/auth/session.c | 5 +
source4/dsdb/common/util.c | 4 +-
source4/dsdb/pydsdb.c | 1 +
source4/dsdb/samdb/ldb_modules/operational.c | 66 ++++-
source4/dsdb/samdb/ldb_modules/samldb.c | 192 ++++++++++++++-
source4/dsdb/samdb/samdb.h | 6 +
source4/dsdb/tests/python/token_group.py | 347 ++++++++++++++++++++++++++-
source4/rpc_server/lsa/dcesrv_lsa.c | 15 +-
source4/setup/schema_samba4.ldif | 1 +
19 files changed, 898 insertions(+), 60 deletions(-)
create mode 100644 docs-xml/manpages/vfs_glusterfs.8.xml
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index 63725ef..d5fd4a8 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
########################################################
SAMBA_VERSION_MAJOR=4
SAMBA_VERSION_MINOR=1
-SAMBA_VERSION_RELEASE=16
+SAMBA_VERSION_RELEASE=17
########################################################
# If a official release has a serious bug #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index fe8cbeb..81a1d56 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,4 +1,55 @@
==============================
+ Release Notes for Samba 4.1.16
+ January 15, 2015
+ ==============================
+
+
+This is a security release in order to address CVE-2014-8143 (Elevation
+of privilege to Active Directory Domain Controller).
+
+o CVE-2014-8143:
+ Samba's AD DC allows the administrator to delegate
+ creation of user or computer accounts to specific users or groups.
+
+ However, all released versions of Samba's AD DC did not implement the
+ additional required check on the UF_SERVER_TRUST_ACCOUNT bit in the
+ userAccountControl attributes.
+
+
+Changes since 4.1.15:
+---------------------
+
+o Andrew Bartlett <abartlet at samba.org>
+ * BUG 10993: CVE-2014-8143: dsdb-samldb: Check for extended access
+ rights before we allow changes to userAccountControl.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
+
+======================================================================
+
+ ==============================
Release Notes for Samba 4.1.15
January 12, 2015
==============================
@@ -78,10 +129,8 @@ database (https://bugzilla.samba.org/).
======================================================================
-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
-======================================================================
==============================
Release Notes for Samba 4.1.14
diff --git a/docs-xml/manpages/vfs_glusterfs.8.xml b/docs-xml/manpages/vfs_glusterfs.8.xml
new file mode 100644
index 0000000..83032cc
--- /dev/null
+++ b/docs-xml/manpages/vfs_glusterfs.8.xml
@@ -0,0 +1,151 @@
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
+<refentry id="vfs_glusterfs.8">
+
+<refmeta>
+ <refentrytitle>vfs_glusterfs</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="source">Samba</refmiscinfo>
+ <refmiscinfo class="manual">System Administration tools</refmiscinfo>
+ <refmiscinfo class="version">4.2</refmiscinfo>
+</refmeta>
+
+
+<refnamediv>
+ <refname>vfs_glusterfs</refname>
+ <refpurpose>
+ Utilize features provided by GlusterFS
+ </refpurpose>
+</refnamediv>
+
+<refsynopsisdiv>
+ <cmdsynopsis>
+ <command>vfs objects = glusterfs</command>
+ </cmdsynopsis>
+</refsynopsisdiv>
+
+<refsect1>
+ <title>DESCRIPTION</title>
+
+ <para>This VFS module is part of the
+ <citerefentry><refentrytitle>samba</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry> suite.</para>
+
+ <para>
+ The <command>vfs_glusterfs</command> VFS module exposes
+ GlusterFS specific features for use by Samba.
+ </para>
+
+ <para>
+ GlusterFS is a clustered file system, capable of scaling
+ to several peta-bytes. It aggregates various storage bricks
+ over Infiniband RDMA or TCP/IP and interconnect into one large
+ parallel network file system. Storage bricks can be made of any
+ commodity hardware, such as x86-64 server with SATA-II RAID and
+ Infiniband HBA.
+
+ GlusterFS is fully POSIX compliant file system. It supports
+ standard clients running standard applications over any standard
+ IP network and also FUSE. It works seemlessly on
+ different operating systems, currently supported on GNU/Linux
+ and Solaris.
+ </para>
+
+ <para>
+ This module is stackable, provided glusterfs lies in the bottom
+ of the stack.
+ </para>
+</refsect1>
+
+<refsect1>
+ <title>CONFIGURATION</title>
+
+ <para>
+ <command>vfs_glusterfs</command> requires that the underlying share
+ path is a Gluster filesystem.
+ </para>
+
+ <programlisting>
+ <smbconfsection name="[share]"/>
+ <smbconfoption name="vfs objects">glusterfs</smbconfoption>
+ </programlisting>
+</refsect1>
+
+<refsect1>
+ <title>OPTIONS</title>
+
+ <variablelist>
+
+ <varlistentry>
+ <term>glusterfs:logfile = path</term>
+ <listitem>
+ <para>
+ Defines whether and where to store a vfs_glusterfs specific
+ logfile. Client variable substitution is supported (i.e.
+ %M, %m, %I), hence per client log file can be
+ %specified.
+ </para>
+ <para>
+ Example: glusterfs:logfile =
+ %/var/log/samba/glusterfs-vol2.%M.log
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>glusterfs:loglevel = 0-9</term>
+ <listitem>
+ <para>
+ Defines the level of logging, with higher numbers corresponding to more verbosity.
+ 0 - No logs; 9 - Trace log level; 7 being the info log level is preferred.
+ </para>
+ <para>
+ If this option is not defined with an explicit loglevel,
+ the glusterfs default is used (currently loglevel 7).
+ </para>
+ </listitem>
+ </varlistentry>
+
+
+ <varlistentry>
+ <term>glusterfs:volfile_server = servername</term>
+ <listitem>
+ <para>
+ Defines which volfile server to use, defaults to
+ localhost.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>glusterfs:volume = volumename</term>
+ <listitem>
+ <para>
+ Defines the glusterfs volumename to use for this share.
+ </para>
+ </listitem>
+
+ </varlistentry>
+ </variablelist>
+
+</refsect1>
+
+<refsect1>
+ <title>VERSION</title>
+
+ <para>
+ This man page is correct for version 4.2.0 of the Samba suite.
+ </para>
+</refsect1>
+
+<refsect1>
+ <title>AUTHOR</title>
+
+ <para>The original Samba software and related utilities
+ were created by Andrew Tridgell. Samba is now developed
+ by the Samba Team as an Open Source project similar
+ to the way the Linux kernel is developed.</para>
+
+</refsect1>
+
+</refentry>
diff --git a/docs-xml/wscript_build b/docs-xml/wscript_build
index 7af0f68..fa8fc4d 100644
--- a/docs-xml/wscript_build
+++ b/docs-xml/wscript_build
@@ -61,6 +61,7 @@ manpages='''
manpages/vfs_fake_perms.8
manpages/vfs_fileid.8
manpages/vfs_full_audit.8
+ manpages/vfs_glusterfs.8
manpages/vfs_gpfs.8
manpages/vfs_linux_xfs_sgid.8
manpages/vfs_media_harmony.8
diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl
index eb80a86..78c13c9 100644
--- a/librpc/idl/security.idl
+++ b/librpc/idl/security.idl
@@ -674,14 +674,21 @@ interface security
const string GUID_DRS_CHANGE_RID_MASTER = "d58d5f36-0a98-11d1-adbb-00c04fd8d5cd";
const string GUID_DRS_CHANGE_SCHEMA_MASTER = "e12b56b6-0a95-11d1-adbb-00c04fd8d5cd";
const string GUID_DRS_GET_CHANGES = "1131f6aa-9c07-11d1-f79f-00c04fc2dcd2";
+ const string GUID_DRS_REPL_SYNCRONIZE = "1131f6ab-9c07-11d1-f79f-00c04fc2dcd2";
+ const string GUID_DRS_MANAGE_TOPOLOGY = "1131f6ac-9c07-11d1-f79f-00c04fc2dcd2";
const string GUID_DRS_GET_ALL_CHANGES = "1131f6ad-9c07-11d1-f79f-00c04fc2dcd2";
+ const string GUID_DRS_RO_REPL_SECRET_SYNC = "1131f6ae-9c07-11d1-f79f-00c04fc2dcd2";
const string GUID_DRS_GET_FILTERED_ATTRIBUTES = "89e95b76-444d-4c62-991a-0facbeda640c";
- const string GUID_DRS_MANAGE_TOPOLOGY = "1131f6ac-9c07-11d1-f79f-00c04fc2dcd2";
const string GUID_DRS_MONITOR_TOPOLOGY = "f98340fb-7c5b-4cdb-a00b-2ebdfa115a96";
- const string GUID_DRS_REPL_SYNCRONIZE = "1131f6ab-9c07-11d1-f79f-00c04fc2dcd2";
- const string GUID_DRS_RO_REPL_SECRET_SYNC = "1131f6ae-9c07-11d1-f79f-00c04fc2dcd2";
const string GUID_DRS_USER_CHANGE_PASSWORD = "ab721a53-1e2f-11d0-9819-00aa0040529b";
const string GUID_DRS_FORCE_CHANGE_PASSWORD = "00299570-246d-11d0-a768-00aa006e0529";
+ const string GUID_DRS_UPDATE_PASSWORD_NOT_REQUIRED_BIT
+ = "280f369c-67c7-438e-ae98-1d46f3c6f541";
+ const string GUID_DRS_UNEXPIRE_PASSWORD = "ccc2dc7d-a6ad-4a7a-8846-c04e3cc53501";
+ const string GUID_DRS_ENABLE_PER_USER_REVERSIBLY_ENCRYPTED_PASSWORD
+ = "05c74c5e-4deb-43b4-bd9f-86664c2a7fd5";
+ const string GUID_DRS_DS_INSTALL_REPLICA = "9923a32a-3607-11d2-b9be-0000f87a36b2";
+
/***************************************************************/
/* validated writes guids */
diff --git a/source3/lib/util.c b/source3/lib/util.c
index f64e2a3..9e6ac9c 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -1192,7 +1192,9 @@ bool is_myname(const char *s)
bool ret = False;
for (n=0; my_netbios_names(n); n++) {
- if (strequal(my_netbios_names(n), s)) {
+ const char *nbt_name = my_netbios_names(n);
+
+ if (strncasecmp_m(nbt_name, s, strlen(nbt_name)) == 0) {
ret=True;
break;
}
diff --git a/source3/libads/authdata.c b/source3/libads/authdata.c
index 2c667a6..b4aee72 100644
--- a/source3/libads/authdata.c
+++ b/source3/libads/authdata.c
@@ -59,17 +59,17 @@ static NTSTATUS kerberos_fetch_pac(struct auth4_context *auth_ctx,
return NT_STATUS_NO_MEMORY;
}
- if (pac_blob) {
+ if (pac_blob != NULL) {
status = kerberos_pac_logon_info(tmp_ctx, *pac_blob, NULL, NULL,
NULL, NULL, 0, &logon_info);
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
- }
- talloc_set_name_const(logon_info, "struct PAC_LOGON_INFO");
+ talloc_set_name_const(logon_info, "struct PAC_LOGON_INFO");
- auth_ctx->private_data = talloc_steal(auth_ctx, logon_info);
+ auth_ctx->private_data = talloc_steal(auth_ctx, logon_info);
+ }
*session_info = talloc_zero(mem_ctx, struct auth_session_info);
if (!*session_info) {
status = NT_STATUS_NO_MEMORY;
diff --git a/source3/rpc_server/spoolss/srv_spoolss_nt.c b/source3/rpc_server/spoolss/srv_spoolss_nt.c
index c451212..17eee50 100644
--- a/source3/rpc_server/spoolss/srv_spoolss_nt.c
+++ b/source3/rpc_server/spoolss/srv_spoolss_nt.c
@@ -4773,17 +4773,20 @@ WERROR _spoolss_GetPrinter(struct pipes_struct *p,
/* that's an [in out] buffer */
if (!r->in.buffer && (r->in.offered != 0)) {
- return WERR_INVALID_PARAM;
+ result = WERR_INVALID_PARAM;
+ goto err_info_free;
}
*r->out.needed = 0;
if (Printer == NULL) {
- return WERR_BADFID;
+ result = WERR_BADFID;
+ goto err_info_free;
}
if (!get_printer_snum(p, r->in.handle, &snum, NULL)) {
- return WERR_BADFID;
+ result = WERR_BADFID;
+ goto err_info_free;
}
result = winreg_get_printer_internal(p->mem_ctx,
@@ -4792,7 +4795,7 @@ WERROR _spoolss_GetPrinter(struct pipes_struct *p,
lp_const_servicename(snum),
&info2);
if (!W_ERROR_IS_OK(result)) {
- goto out;
+ goto err_info_free;
}
switch (r->in.level) {
@@ -4852,12 +4855,10 @@ WERROR _spoolss_GetPrinter(struct pipes_struct *p,
}
TALLOC_FREE(info2);
- out:
if (!W_ERROR_IS_OK(result)) {
DEBUG(0, ("_spoolss_GetPrinter: failed to construct printer info level %d - %s\n",
r->in.level, win_errstr(result)));
- TALLOC_FREE(r->out.info);
- return result;
+ goto err_info_free;
}
*r->out.needed = SPOOLSS_BUFFER_UNION(spoolss_PrinterInfo,
@@ -4865,6 +4866,10 @@ WERROR _spoolss_GetPrinter(struct pipes_struct *p,
r->out.info = SPOOLSS_BUFFER_OK(r->out.info, NULL);
return SPOOLSS_BUFFER_OK(WERR_OK, WERR_INSUFFICIENT_BUFFER);
+
+err_info_free:
+ TALLOC_FREE(r->out.info);
+ return result;
}
/********************************************************************
@@ -5681,14 +5686,16 @@ WERROR _spoolss_GetPrinterDriver2(struct pipes_struct *p,
/* that's an [in out] buffer */
if (!r->in.buffer && (r->in.offered != 0)) {
- return WERR_INVALID_PARAM;
+ result = WERR_INVALID_PARAM;
+ goto err_info_free;
}
DEBUG(4,("_spoolss_GetPrinterDriver2\n"));
if (!(printer = find_printer_index_by_hnd(p, r->in.handle))) {
DEBUG(0,("_spoolss_GetPrinterDriver2: invalid printer handle!\n"));
- return WERR_INVALID_PRINTER_NAME;
+ result = WERR_INVALID_PRINTER_NAME;
+ goto err_info_free;
}
*r->out.needed = 0;
@@ -5696,7 +5703,8 @@ WERROR _spoolss_GetPrinterDriver2(struct pipes_struct *p,
*r->out.server_minor_version = 0;
if (!get_printer_snum(p, r->in.handle, &snum, NULL)) {
- return WERR_BADFID;
+ result = WERR_BADFID;
+ goto err_info_free;
}
if (r->in.client_major_version == SPOOLSS_DRIVER_VERSION_2012) {
@@ -5713,8 +5721,7 @@ WERROR _spoolss_GetPrinterDriver2(struct pipes_struct *p,
r->in.architecture,
version);
if (!W_ERROR_IS_OK(result)) {
- TALLOC_FREE(r->out.info);
- return result;
+ goto err_info_free;
}
*r->out.needed = SPOOLSS_BUFFER_UNION(spoolss_DriverInfo,
@@ -5722,6 +5729,10 @@ WERROR _spoolss_GetPrinterDriver2(struct pipes_struct *p,
r->out.info = SPOOLSS_BUFFER_OK(r->out.info, NULL);
return SPOOLSS_BUFFER_OK(WERR_OK, WERR_INSUFFICIENT_BUFFER);
+
+err_info_free:
+ TALLOC_FREE(r->out.info);
+ return result;
}
@@ -7842,6 +7853,7 @@ WERROR _spoolss_GetForm(struct pipes_struct *p,
/* that's an [in out] buffer */
if (!r->in.buffer && (r->in.offered != 0)) {
+ TALLOC_FREE(r->out.info);
return WERR_INVALID_PARAM;
}
@@ -8532,6 +8544,7 @@ WERROR _spoolss_GetPrinterDriverDirectory(struct pipes_struct *p,
/* that's an [in out] buffer */
if (!r->in.buffer && (r->in.offered != 0)) {
+ TALLOC_FREE(r->out.info);
return WERR_INVALID_PARAM;
}
@@ -9479,7 +9492,8 @@ WERROR _spoolss_GetJob(struct pipes_struct *p,
/* that's an [in out] buffer */
if (!r->in.buffer && (r->in.offered != 0)) {
- return WERR_INVALID_PARAM;
+ result = WERR_INVALID_PARAM;
+ goto err_jinfo_free;
}
DEBUG(5,("_spoolss_GetJob\n"));
@@ -9487,12 +9501,14 @@ WERROR _spoolss_GetJob(struct pipes_struct *p,
*r->out.needed = 0;
if (!get_printer_snum(p, r->in.handle, &snum, NULL)) {
- return WERR_BADFID;
+ result = WERR_BADFID;
+ goto err_jinfo_free;
}
svc_name = lp_const_servicename(snum);
if (svc_name == NULL) {
- return WERR_INVALID_PARAM;
+ result = WERR_INVALID_PARAM;
+ goto err_jinfo_free;
}
result = winreg_get_printer_internal(p->mem_ctx,
@@ -9501,22 +9517,22 @@ WERROR _spoolss_GetJob(struct pipes_struct *p,
svc_name,
&pinfo2);
if (!W_ERROR_IS_OK(result)) {
- return result;
+ goto err_jinfo_free;
}
pdb = get_print_db_byname(svc_name);
if (pdb == NULL) {
DEBUG(3, ("failed to get print db for svc %s\n", svc_name));
- TALLOC_FREE(pinfo2);
- return WERR_INVALID_PARAM;
+ result = WERR_INVALID_PARAM;
+ goto err_pinfo_free;
}
sysjob = jobid_to_sysjob_pdb(pdb, r->in.job_id);
release_print_db(pdb);
if (sysjob == -1) {
DEBUG(3, ("no sysjob for spoolss jobid %u\n", r->in.job_id));
--
Samba Shared Repository
More information about the samba-cvs
mailing list