util_sid.c - respect a const variabile (addedd strdup)

cli_reg.c  - indentation
pdb_ldap.c - some checks on init fns parameters
pdb_tdb.c  - some checks on init fns parameters + make sure we close the db on failure

source/lib/util_sid.c

@@ -375,20 +375,26 @@ const char *sid_string_static(DOM_SID *sid)
 BOOL string_to_sid(DOM_SID *sidout, const char *sidstr)
 {
   pstring tok;
-  const char *p = sidstr;
+  char *p;
   /* BIG NOTE: this function only does SIDS where the identauth is not >= 2^32 */
   uint32 ia;
-
-  memset((char *)sidout, '\0', sizeof(DOM_SID));
-
+  
   if (StrnCaseCmp( sidstr, "S-", 2)) {
     DEBUG(0,("string_to_sid: Sid %s does not start with 'S-'.\n", sidstr));
     return False;
   }
 
-  p += 2;
+  memset((char *)sidout, '\0', sizeof(DOM_SID));
+
+  p = strdup(sidstr + 2);
+  if (p == NULL) {
+    DEBUG(0, ("string_to_sid: out of memory!\n"));
+    return False;
+  }
+
   if (!next_token(&p, tok, "-", sizeof(tok))) {
     DEBUG(0,("string_to_sid: Sid %s is not in a valid format.\n", sidstr));
+    SAFE_FREE(p);
     return False;
   }
 
@@ -397,6 +403,7 @@ BOOL string_to_sid(DOM_SID *sidout, const char *sidstr)
 
   if (!next_token(&p, tok, "-", sizeof(tok))) {
     DEBUG(0,("string_to_sid: Sid %s is not in a valid format.\n", sidstr));
+    SAFE_FREE(p);
     return False;
   }
 
@@ -422,6 +429,7 @@ BOOL string_to_sid(DOM_SID *sidout, const char *sidstr)
 	sid_append_rid(sidout, (uint32)strtoul(tok, NULL, 10));
   }
 
+  SAFE_FREE(p);
   return True;
 }
 

source/libsmb/cli_reg.c

@@ -7,7 +7,7 @@
    Copyright (C) Luke Kenneth Casson Leighton 1996-1998,
    Copyright (C) Paul Ashton                  1997-1998.
    Copyright (C) Jeremy Allison                    1999.
-   Copyright (C) Simo Sorce                        2000
+   Copyright (C) Simo Sorce                        2001
    
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -38,8 +38,7 @@ struct cli_state *cli_winreg_initialise(struct cli_state *cli,
 /* Shutdown a server */
 
 NTSTATUS cli_reg_shutdown(struct cli_state * cli, TALLOC_CTX *mem_ctx,
-                          const char *msg,
-                          uint32 timeout, uint16 flags)
+                          const char *msg, uint32 timeout, uint16 flags)
 {
 	prs_struct qbuf;
 	prs_struct rbuf; 

source/passdb/pdb_ldap.c

@@ -70,7 +70,9 @@ ldap_open_connection (LDAP ** ldap_struct)
 	int port;
 	int version, rc;
 	int tls = LDAP_OPT_X_TLS_HARD;
-	
+
+	/* there should be an lp_ldap_ssl_port(), what happen if for some
+	   reason we need to bind an SSLed LDAP on port 389 ?? ---simo */
 	if (lp_ldap_ssl() == LDAP_SSL_ON && lp_ldap_port() == 389) {
 		port = 636;
 	}
@@ -368,6 +370,11 @@ static BOOL init_sam_from_ldap (SAM_ACCOUNT * sampass,
 	uint8 *hours;
 	pstring temp;
 
+	if (sampass == NULL || ldap_struct == NULL || entry == NULL) {
+		DEBUG(0, ("init_sam_from_ldap: NULL parameters found!\n"));
+		return False;
+	}
+
 	get_single_attribute(ldap_struct, entry, "uid", username);
 	DEBUG(2, ("Entry found for user: %s\n", username));
 
@@ -526,6 +533,11 @@ static BOOL init_ldap_from_sam (LDAPMod *** mods, int ldap_state, const SAM_ACCO
 {
 	pstring temp;
 
+	if (mods == NULL || sampass == NULL) {
+		DEBUG(0, ("init_ldap_from_sam: NULL parameters found!\n"));
+		return False;
+	}
+
 	*mods = NULL;
 
 	/* 

source/passdb/pdb_tdb.c

@@ -80,6 +80,11 @@ static BOOL init_sam_from_buffer (SAM_ACCOUNT *sampass, uint8 *buf, uint32 bufle
 	uint32		len = 0;
 	uint32		lmpwlen, ntpwlen, hourslen;
 	BOOL ret = True;
+	
+	if(sampass == NULL || buf == NULL) {
+		DEBUG(0, ("init_sam_from_buffer: NULL parameters found!\n"));
+		return False;
+	}
 									
 	/* unpack the buffer into variables */
 	len = tdb_unpack (buf, buflen, TDB_FORMAT_STRING,
@@ -207,9 +212,11 @@ static uint32 init_buffer_from_sam (uint8 **buf, const SAM_ACCOUNT *sampass)
 	uint32	nt_pw_len = 16;
 
 	/* do we have a valid SAM_ACCOUNT pointer? */
-	if (sampass == NULL)
+	if (sampass == NULL) {
+		DEBUG(0, ("init_buffer_from_sam: SAM_ACCOUNT is NULL!\n"));
 		return -1;
-		
+	}
+	
 	*buf = NULL;
 	buflen = 0;
 
@@ -404,7 +411,7 @@ void pdb_endsampwent(void)
 		global_tdb_ent.passwd_tdb = NULL;
 	}
 	
-	DEBUG(7, ("endtdbpwent: closed password file.\n"));
+	DEBUG(7, ("endtdbpwent: closed sam database.\n"));
 }
 
 /*****************************************************************
@@ -425,10 +432,10 @@ BOOL pdb_getsampwent(SAM_ACCOUNT *user)
 		return False;
 	}
 
-	/* skip all RID entries */
-	while ((global_tdb_ent.key.dsize != 0) && (strncmp (global_tdb_ent.key.dptr, prefix, prefixlen)))
+	/* skip all non-USER entries (eg. RIDs) */
+	while ((global_tdb_ent.key.dsize != 0) && (strncmp(global_tdb_ent.key.dptr, prefix, prefixlen)))
 		/* increment to next in line */
-		global_tdb_ent.key = tdb_nextkey (global_tdb_ent.passwd_tdb, global_tdb_ent.key);
+		global_tdb_ent.key = tdb_nextkey(global_tdb_ent.passwd_tdb, global_tdb_ent.key);
 
 	/* do we have an valid interation pointer? */
 	if(global_tdb_ent.passwd_tdb == NULL) {
@@ -436,14 +443,14 @@ BOOL pdb_getsampwent(SAM_ACCOUNT *user)
 		return False;
 	}
 
-	data = tdb_fetch (global_tdb_ent.passwd_tdb, global_tdb_ent.key);
+	data = tdb_fetch(global_tdb_ent.passwd_tdb, global_tdb_ent.key);
 	if (!data.dptr) {
 		DEBUG(5,("pdb_getsampwent: database entry not found.\n"));
 		return False;
 	}
   
   	/* unpack the buffer */
-	if (!init_sam_from_buffer (user, data.dptr, data.dsize)) {
+	if (!init_sam_from_buffer(user, data.dptr, data.dsize)) {
 		DEBUG(0,("pdb_getsampwent: Bad SAM_ACCOUNT entry returned from TDB!\n"));
 		SAFE_FREE(data.dptr);
 		return False;
@@ -461,11 +468,11 @@ BOOL pdb_getsampwent(SAM_ACCOUNT *user)
 
 	uid = pw->pw_uid;
 	gid = pw->pw_gid;
-	pdb_set_uid (user, uid);
-	pdb_set_gid (user, gid);
+	pdb_set_uid(user, uid);
+	pdb_set_gid(user, gid);
 
 	/* increment to next in line */
-	global_tdb_ent.key = tdb_nextkey (global_tdb_ent.passwd_tdb, global_tdb_ent.key);
+	global_tdb_ent.key = tdb_nextkey(global_tdb_ent.passwd_tdb, global_tdb_ent.key);
 
 	return True;
 }
@@ -495,12 +502,12 @@ BOOL pdb_getsampwnam (SAM_ACCOUNT *user, const char *sname)
 	unix_strlower(sname, -1, name, sizeof(name));
 
 	get_private_directory(tdbfile);
-	pstrcat (tdbfile, PASSDB_FILE_NAME);
+	pstrcat(tdbfile, PASSDB_FILE_NAME);
 	
 	/* set search key */
 	slprintf(keystr, sizeof(keystr)-1, "%s%s", USERPREFIX, name);
 	key.dptr = keystr;
-	key.dsize = strlen (keystr) + 1;
+	key.dsize = strlen(keystr) + 1;
 
 	/* open the accounts TDB */
 	if (!(pwd_tdb = tdb_open_log(tdbfile, 0, TDB_DEFAULT, O_RDONLY, 0600))) {
@@ -509,34 +516,40 @@ BOOL pdb_getsampwnam (SAM_ACCOUNT *user, const char *sname)
 	}
 
 	/* get the record */
-	data = tdb_fetch (pwd_tdb, key);
+	data = tdb_fetch(pwd_tdb, key);
 	if (!data.dptr) {
 		DEBUG(5,("pdb_getsampwnam (TDB): error fetching database.\n"));
 		DEBUGADD(5, (" Error: %s\n", tdb_errorstr(pwd_tdb)));
-		tdb_close (pwd_tdb);
+		tdb_close(pwd_tdb);
 		return False;
 	}
   
   	/* unpack the buffer */
-	if (!init_sam_from_buffer (user, data.dptr, data.dsize)) {
+	if (!init_sam_from_buffer(user, data.dptr, data.dsize)) {
 		DEBUG(0,("pdb_getsampwent: Bad SAM_ACCOUNT entry returned from TDB!\n"));
 		SAFE_FREE(data.dptr);
+		tdb_close(pwd_tdb);
 		return False;
 	}
 	SAFE_FREE(data.dptr);
+
+	/* cleanup */
+	tdb_close(pwd_tdb);
 	
 	/* validate the account and fill in UNIX uid and gid.  sys_getpwnam()
-	   is used instaed of Get_Pwnam() as we do not need to try case
+	   is used instead of Get_Pwnam() as we do not need to try case
 	   permutations */
 	if ((pw=sys_getpwnam(pdb_get_username(user)))) {
 		uid = pw->pw_uid;
 		gid = pw->pw_gid;
-		pdb_set_uid (user, uid);
-		pdb_set_gid (user, gid);
+		pdb_set_uid(user, uid);
+		pdb_set_gid(user, gid);
+	}
+	else {
+		DEBUG(0,("pdb_getsampwent: getpwnam(%s) return NULL.  User does not exist!\n", 
+		          pdb_get_username(user)));
+		return False;
 	}
-	
-	/* cleanup */
-	tdb_close (pwd_tdb);
 
 	return True;
 }