bug in winbindd_ads.c : lookup_groupmem, domain name would be
prepended to username twice
Gerald (Jerry) Carter
jerry at samba.org
Fri Nov 2 13:01:21 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Bo Yang wrote:
> hi, all
> lookup_groupmem in winbindd_ads.c prepended domain name to
> username, and fill_grent_mem can prepend domain name to username,
> which will results in domain name being prepended twice.
>
> To reproduce the issue:
> Assume, user U1 in group G1(not the primary group), D is the
> domain name
> 1. stop winbindd
> 2. remove winbindd_cache.tdb
> 3. restart winbindd
> 4. write junk code(as reproduce_336854.c shows) to first invoke
> getpwnam(D\U1), and then call getgrnam(D\G1) the getgrnam returned
> member D\d\U1 as its member's name...
>
> patch in attachment for 3.0.26 and 3.2.0
I'm not sure I agree. I need to review how this interacts with
"winbind expand groups". I'll review and get back to you.
cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFHKx9FIR7qMdg1EfYRAh3qAKDAy4urjyRLw6rT2a/BlciU8P+KKgCcCKH9
mLSzOZjXg4hLRfpzTxeC8zU=
=Z0f2
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list