Better empty DACL approach

Tim Potter tpot at valinux.com
Tue Jun 26 10:32:06 GMT 2001


Matt Zinkevicius writes:

> My ACL database code started barfing on ACLs with empty ACE lists with the
> cvs snapshot I just got. I traced it to Tim/Jeremy's change in
> parse_sec.c:

Oops. 

> This is not the correct way to handle this. You don't have to waste memory,
> you should just check that the security descriptor's type contains the

Well it isn't really wasted as it's only one byte, and the talloc
pool is destroyed immediately after the access check takes place.

> DACL_PRESENT bit whenever you're computing the effective rights. If it's not
> there then you have full access, otherwise loop through the aces. If ace_cnt
> == 0 then your loop terminates giving no access. Your code should never
> try to dereference the ace[] array unless ace_cnt > 0, so this num_aces+1
> talloc is bogus. Here is the patch I applied to my tree to allow empty DACLs
> a while back:
> 
> --- samba-2.2.0-orig/source/rpc_parse/parse_sec.c Tue Feb 27 19:22:29 2001
> +++ samba-2.2.0-acldb/source/rpc_parse/parse_sec.c Fri Jun 22 12:15:12 2001
> @@ -135,7 +135,7 @@
>   dst->num_aces = num_aces;
>   dst->size = 8;
> 
> - if((dst->ace = (SEC_ACE *)talloc(ctx, sizeof(SEC_ACE) * num_aces )) ==
> NULL) {
> + if((num_aces) && ((dst->ace = (SEC_ACE *)talloc(ctx, sizeof(SEC_ACE) *
> num_aces )) == NULL)) {
>    return NULL;
>   }
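
Review bot: in the new condition, when `num_aces` is 0 the `&&` short-circuits, so `dst->ace` is never assigned in this hunk and keeps whatever value `dst` held before. Assign `dst->ace = NULL;` ahead of the test so an empty ACL always carries a NULL array and any caller that indexes `ace[]` without first checking `num_aces` fails predictably rather than reading a stale pointer. Separately, `sizeof(SEC_ACE) * num_aces` is computed with no upper bound on `num_aces` visible in these lines; if the count can come from a parsed descriptor, bound it before the multiplication.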

OK this looks like a better way to do it.  There may be some
checks in some other code that check the value of the dacl
pointer instead of checking for the DACL_PRESENT bit.


Tim.
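
The access-check rule discussed in the message above (no DACL_PRESENT bit means full access; a present DACL with zero ACEs means no access; `ace[]` is never touched unless the count is non-zero), as an added example that is not part of the original message and is not Samba's code. The `ex_` types, the integer `who` standing in for a SID, the simplified allow/deny walk and the sample descriptors are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define EX_DACL_PRESENT 0x0004u  /* hypothetical name; same bit as Windows SE_DACL_PRESENT */
enum { EX_ALLOW, EX_DENY };

typedef struct { uint8_t type; uint32_t who; uint32_t mask; } ex_ace;
typedef struct {
    uint16_t type;       /* control flags of the security descriptor */
    uint32_t num_aces;   /* 0 is legal: an empty DACL */
    const ex_ace *ace;   /* may be NULL when num_aces == 0 */
} ex_sd;

/* Returns 1 if every bit in `desired` is granted to `who`, otherwise 0. */
int ex_access_check(const ex_sd *sd, uint32_t who, uint32_t desired)
{
    uint32_t remaining = desired;

    if (!(sd->type & EX_DACL_PRESENT))
        return 1;        /* no DACL at all: nothing restricts access */

    /* DACL present: only ACEs can grant rights. With num_aces == 0 the
       body never runs, so sd->ace is never dereferenced. */
    for (uint32_t i = 0; i < sd->num_aces && remaining; i++) {
        const ex_ace *a = &sd->ace[i];
        if (a->who != who)
            continue;
        if (a->type == EX_DENY && (a->mask & remaining))
            return 0;    /* explicit deny on a bit still being requested */
        if (a->type == EX_ALLOW)
            remaining &= ~a->mask;
    }
    return remaining == 0;
}

/* Constructed sample data: 0x1 = read, 0x2 = write. */
static const ex_ace ex_sample_aces[] = {
    { EX_DENY, 1001, 0x2 }, { EX_ALLOW, 1000, 0x3 }, { EX_ALLOW, 1001, 0x1 },
};
static const ex_sd ex_no_dacl    = { 0, 0, NULL };
static const ex_sd ex_empty_dacl = { EX_DACL_PRESENT, 0, NULL };
static const ex_sd ex_populated  = { EX_DACL_PRESENT, 3, ex_sample_aces };

int main(void)
{
    printf("no DACL: %d\n", ex_access_check(&ex_no_dacl, 1001, 0x3));
    printf("empty DACL: %d\n", ex_access_check(&ex_empty_dacl, 1000, 0x1));
    printf("populated, 1001 write: %d\n", ex_access_check(&ex_populated, 1001, 0x2));
    return 0;
}
```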



