Vista and setting printer ACLs
Jeremy Allison
jra at samba.org
Wed Jan 31 20:29:33 GMT 2007
On Wed, Jan 31, 2007 at 01:50:03PM +0100, Martin Zielinski wrote:
> Too hasty ;-/
>
> --- samba-3.0.23d.orig/source/rpc_parse/parse_spoolss.c 2006-06-23
> 15:16:52.000000000 +0200
> +++ samba-3.0.23d/source/rpc_parse/parse_spoolss.c 2007-01-31
> 13:49:02.000000000 +0100
> @@ -3897,7 +3897,7 @@
> break;
> }
> }
> - if (ptr_sec_desc)
> + if (q_u->level == 3 || ptr_sec_desc)
> {
> if (!sec_io_desc_buf(desc, &q_u->secdesc_ctr, ps, depth))
> return False;
>
>
> Martin Zielinski schrieb:
> [...]
> >- if (ptr_sec_desc)
> >+ if ((q_u->level == 3 && !ptr_sec_desc) || ptr_sec_desc)
> [...]
Ok, here's what I've checked into SVN - this protects us from
the null deref but doesn't fix the RPC issue. But I think it's
needed anyway as a bugfix. Let's fix the RPC problem as a
separate issue.
Jeremy.
-------------- next part --------------
Index: rpc_server/srv_spoolss_nt.c
===================================================================
--- rpc_server/srv_spoolss_nt.c (revision 21098)
+++ rpc_server/srv_spoolss_nt.c (working copy)
@@ -5847,6 +5847,12 @@
goto done;
}
+ if (!secdesc_ctr) {
+ DEBUG(10,("update_printer_sec: secdesc_ctr is NULL !\n"));
+ result = WERR_INVALID_PARAM;
+ goto done;
+ }
+
/* Check the user has permissions to change the security
descriptor. By experimentation with two NT machines, the user
requires Full Access to the printer to change security
More information about the samba-technical
mailing list