[PATCH 11/13] libgpo: replace dup_sec_desc() usage
Volker Lendecke
Volker.Lendecke at SerNet.DE
Tue May 27 03:07:07 MDT 2014
On Tue, May 27, 2014 at 11:04:20AM +0200, David Disseldorp wrote:
> On Mon, 26 May 2014 21:59:31 +0200, Volker Lendecke wrote:
>
> > > - gpo->security_descriptor = dup_sec_desc(gpo, gpo_src->security_descriptor);
> > > + if (gpo_src->security_descriptor == NULL) {
> > > + /* existing SD assumed */
> > > + TALLOC_FREE(gpo);
> > > + return NT_STATUS_INVALID_PARAMETER;
> > > + }
> > > + gpo->security_descriptor = security_descriptor_copy(gpo,
> > > + gpo_src->security_descriptor);
> > > if (gpo->security_descriptor == NULL) {
> > > TALLOC_FREE(gpo);
> > > return NT_STATUS_NO_MEMORY;
> >
> > Not sure it matters, but this looks like a little semantic
> > change in case gpo_src->security_descriptor==NULL. Before
> > the patch we return INVALID_PARAMETER, after the patch I
> > believe we crash.
>
> As Richard pointed out, there's a NULL check before the
> security_descriptor_copy() call.
>
> There is one slight change in behaviour here: previously
> NT_STATUS_NO_MEMORY was returned if gpo_src->security_descriptor was
> NULL, whereas now NT_STATUS_INVALID_PARAMETER is returned.
> The callers don't differentiate between these errors.
Ok, great than.
Volker
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de
More information about the samba-technical
mailing list