[PATCH] winbind: Make wb_sids2xids_recv work on an array

Volker Lendecke Volker.Lendecke at SerNet.DE
Fri Mar 6 03:35:47 MST 2015 

Hi!

This fixes a couple of Coverity issues. All false positives,
but I believe the code is cleaner after this patch.

Review&push appreciated!

Thanks,

Volker

-- 
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de
-------------- next part --------------
From c452a1f49c59e3da010b61c202c706c05eca8a5b Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Thu, 5 Mar 2015 20:59:16 +0100
Subject: [PATCH] winbind: Make wb_sids2xids_recv work on an array

The trigger for this is that Coverity got confused by the dual use of &xid
as an array with the implicit length equality between wb_sids2xids_send
and the array passed in to wb_sids2xids_recv for the result.

I don't want to start doing things just for the Coverity scan, but this
makes the code clearer to me by removing this implicit expected array
length equality.

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source3/winbindd/wb_fill_pwent.c         |    8 ++++----
 source3/winbindd/wb_getgrsid.c           |   10 +++++-----
 source3/winbindd/wb_sids2xids.c          |    8 +++++++-
 source3/winbindd/winbindd_getgroups.c    |    2 +-
 source3/winbindd/winbindd_proto.h        |    2 +-
 source3/winbindd/winbindd_sid_to_gid.c   |    8 ++++----
 source3/winbindd/winbindd_sid_to_uid.c   |    8 ++++----
 source3/winbindd/winbindd_sids_to_xids.c |    3 ++-
 8 files changed, 28 insertions(+), 21 deletions(-)

diff --git a/source3/winbindd/wb_fill_pwent.c b/source3/winbindd/wb_fill_pwent.c
index 1135ef3..4b4484f 100644
--- a/source3/winbindd/wb_fill_pwent.c
+++ b/source3/winbindd/wb_fill_pwent.c
@@ -70,9 +70,9 @@ static void wb_fill_pwent_sid2uid_done(struct tevent_req *subreq)
 	struct wb_fill_pwent_state *state = tevent_req_data(
 		req, struct wb_fill_pwent_state);
 	NTSTATUS status;
-	struct unixid xid;
+	struct unixid xids[1];
 
-	status = wb_sids2xids_recv(subreq, &xid);
+	status = wb_sids2xids_recv(subreq, xids, ARRAY_SIZE(xids));
 	TALLOC_FREE(subreq);
 	if (tevent_req_nterror(req, status)) {
 		return;
@@ -84,12 +84,12 @@ static void wb_fill_pwent_sid2uid_done(struct tevent_req *subreq)
 	 * by lookupsids). Here we need to filter for the type of object
 	 * actually requested, in this case uid.
 	 */
-	if (!(xid.type == ID_TYPE_UID || xid.type == ID_TYPE_BOTH)) {
+	if (!(xids[0].type == ID_TYPE_UID || xids[0].type == ID_TYPE_BOTH)) {
 		tevent_req_nterror(req, NT_STATUS_NONE_MAPPED);
 		return;
 	}
 
-	state->pw->pw_uid = (uid_t)xid.id;
+	state->pw->pw_uid = (uid_t)xids[0].id;
 
 	subreq = wb_getgrsid_send(state, state->ev, &state->info->group_sid, 0);
 	if (tevent_req_nomem(subreq, req)) {
diff --git a/source3/winbindd/wb_getgrsid.c b/source3/winbindd/wb_getgrsid.c
index 2678c50..acfedf6 100644
--- a/source3/winbindd/wb_getgrsid.c
+++ b/source3/winbindd/wb_getgrsid.c
@@ -116,9 +116,9 @@ static void wb_getgrsid_sid2gid_done(struct tevent_req *subreq)
 	struct wb_getgrsid_state *state = tevent_req_data(
 		req, struct wb_getgrsid_state);
 	NTSTATUS status;
-	struct unixid xid;
+	struct unixid xids[1];
 
-	status = wb_sids2xids_recv(subreq, &xid);
+	status = wb_sids2xids_recv(subreq, xids, ARRAY_SIZE(xids));
 	TALLOC_FREE(subreq);
 	if (tevent_req_nterror(req, status)) {
 		return;
@@ -130,12 +130,12 @@ static void wb_getgrsid_sid2gid_done(struct tevent_req *subreq)
 	 * by lookupsids). Here we need to filter for the type of object
 	 * actually requested, in this case uid.
 	 */
-	if (!(xid.type == ID_TYPE_GID || xid.type == ID_TYPE_BOTH)) {
+	if (!(xids[0].type == ID_TYPE_GID || xids[0].type == ID_TYPE_BOTH)) {
 		tevent_req_nterror(req, NT_STATUS_NONE_MAPPED);
 		return;
 	}
 
-	state->gid = (gid_t)xid.id;
+	state->gid = (gid_t)xids[0].id;
 
 	if (state->type == SID_NAME_USER || state->type == SID_NAME_COMPUTER) {
 		/*
@@ -145,7 +145,7 @@ static void wb_getgrsid_sid2gid_done(struct tevent_req *subreq)
 		 */
 		const char *name;
 
-		if (xid.type != ID_TYPE_BOTH) {
+		if (xids[0].type != ID_TYPE_BOTH) {
 			tevent_req_nterror(req, NT_STATUS_NO_SUCH_GROUP);
 			return;
 		}
diff --git a/source3/winbindd/wb_sids2xids.c b/source3/winbindd/wb_sids2xids.c
index 7614974..e3962de 100644
--- a/source3/winbindd/wb_sids2xids.c
+++ b/source3/winbindd/wb_sids2xids.c
@@ -253,7 +253,7 @@ static void wb_sids2xids_done(struct tevent_req *subreq)
 }
 
 NTSTATUS wb_sids2xids_recv(struct tevent_req *req,
-			   struct unixid *xids)
+			   struct unixid xids[], uint32_t num_xids)
 {
 	struct wb_sids2xids_state *state = tevent_req_data(
 		req, struct wb_sids2xids_state);
@@ -265,6 +265,12 @@ NTSTATUS wb_sids2xids_recv(struct tevent_req *req,
 		return status;
 	}
 
+	if (num_xids != state->num_sids) {
+		DEBUG(1, ("%s: Have %u xids, caller wants %u\n", __func__,
+			  (unsigned)state->num_sids, num_xids));
+		return NT_STATUS_INTERNAL_ERROR;
+	}
+
 	num_non_cached = 0;
 
 	for (i=0; i<state->num_sids; i++) {
diff --git a/source3/winbindd/winbindd_getgroups.c b/source3/winbindd/winbindd_getgroups.c
index b899beb..c728624 100644
--- a/source3/winbindd/winbindd_getgroups.c
+++ b/source3/winbindd/winbindd_getgroups.c
@@ -155,7 +155,7 @@ static void winbindd_getgroups_sid2gid_done(struct tevent_req *subreq)
 		xids[i].id = UINT32_MAX;
 	}
 
-	status = wb_sids2xids_recv(subreq, xids);
+	status = wb_sids2xids_recv(subreq, xids, talloc_array_length(xids));
 	TALLOC_FREE(subreq);
 	if (NT_STATUS_EQUAL(status, NT_STATUS_NONE_MAPPED) ||
 	    NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED))
diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h
index 77e1dbe..e0b7aad 100644
--- a/source3/winbindd/winbindd_proto.h
+++ b/source3/winbindd/winbindd_proto.h
@@ -884,7 +884,7 @@ struct tevent_req *wb_sids2xids_send(TALLOC_CTX *mem_ctx,
 				     const struct dom_sid *sids,
 				     const uint32_t num_sids);
 NTSTATUS wb_sids2xids_recv(struct tevent_req *req,
-			   struct unixid *xids);
+			   struct unixid xids[], uint32_t num_xids);
 struct tevent_req *winbindd_sids_to_xids_send(TALLOC_CTX *mem_ctx,
 					      struct tevent_context *ev,
 					      struct winbindd_cli_state *cli,
diff --git a/source3/winbindd/winbindd_sid_to_gid.c b/source3/winbindd/winbindd_sid_to_gid.c
index 46ca903..978ed6a 100644
--- a/source3/winbindd/winbindd_sid_to_gid.c
+++ b/source3/winbindd/winbindd_sid_to_gid.c
@@ -69,9 +69,9 @@ static void winbindd_sid_to_gid_done(struct tevent_req *subreq)
 	struct winbindd_sid_to_gid_state *state = tevent_req_data(
 		req, struct winbindd_sid_to_gid_state);
 	NTSTATUS status;
-	struct unixid xid;
+	struct unixid xids[1];
 
-	status = wb_sids2xids_recv(subreq, &xid);
+	status = wb_sids2xids_recv(subreq, xids, ARRAY_SIZE(xids));
 	TALLOC_FREE(subreq);
 	if (tevent_req_nterror(req, status)) {
 		return;
@@ -83,12 +83,12 @@ static void winbindd_sid_to_gid_done(struct tevent_req *subreq)
 	 * by lookupsids). Here we need to filter for the type of object
 	 * actually requested, in this case gid.
 	 */
-	if (!(xid.type == ID_TYPE_GID || xid.type == ID_TYPE_BOTH)) {
+	if (!(xids[0].type == ID_TYPE_GID || xids[0].type == ID_TYPE_BOTH)) {
 		tevent_req_nterror(req, NT_STATUS_NONE_MAPPED);
 		return;
 	}
 
-	state->gid = (gid_t)xid.id;
+	state->gid = (gid_t)xids[0].id;
 	tevent_req_done(req);
 }
 
diff --git a/source3/winbindd/winbindd_sid_to_uid.c b/source3/winbindd/winbindd_sid_to_uid.c
index 67fe952..cbab2d2 100644
--- a/source3/winbindd/winbindd_sid_to_uid.c
+++ b/source3/winbindd/winbindd_sid_to_uid.c
@@ -69,9 +69,9 @@ static void winbindd_sid_to_uid_done(struct tevent_req *subreq)
 	struct winbindd_sid_to_uid_state *state = tevent_req_data(
 		req, struct winbindd_sid_to_uid_state);
 	NTSTATUS status;
-	struct unixid xid;
+	struct unixid xids[1];
 
-	status = wb_sids2xids_recv(subreq, &xid);
+	status = wb_sids2xids_recv(subreq, xids, ARRAY_SIZE(xids));
 	TALLOC_FREE(subreq);
 	if (tevent_req_nterror(req, status)) {
 		return;
@@ -83,12 +83,12 @@ static void winbindd_sid_to_uid_done(struct tevent_req *subreq)
 	 * by lookupsids). Here we need to filter for the type of object
 	 * actually requested, in this case uid.
 	 */
-	if (!(xid.type == ID_TYPE_UID || xid.type == ID_TYPE_BOTH)) {
+	if (!(xids[0].type == ID_TYPE_UID || xids[0].type == ID_TYPE_BOTH)) {
 		tevent_req_nterror(req, NT_STATUS_NONE_MAPPED);
 		return;
 	}
 
-	state->uid = (uid_t)xid.id;
+	state->uid = (uid_t)xids[0].id;
 	tevent_req_done(req);
 }
 
diff --git a/source3/winbindd/winbindd_sids_to_xids.c b/source3/winbindd/winbindd_sids_to_xids.c
index e4c7e3f..9e57ca4 100644
--- a/source3/winbindd/winbindd_sids_to_xids.c
+++ b/source3/winbindd/winbindd_sids_to_xids.c
@@ -89,7 +89,8 @@ static void winbindd_sids_to_xids_done(struct tevent_req *subreq)
 		return;
 	}
 
-	status = wb_sids2xids_recv(subreq, state->xids);
+	status = wb_sids2xids_recv(subreq, state->xids,
+				   talloc_array_length(state->xids));
 	TALLOC_FREE(subreq);
 	if (tevent_req_nterror(req, status)) {
 		return;
-- 
1.7.9.5

More information about the samba-technical mailing list