From 4e9a55536f95bf417e94a5d4d8e9f24700fa72e7 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl@samba.org>
Date: Thu, 8 Sep 2016 15:18:39 +0200
Subject: [PATCH] notifyd: Don't trust remote pointers

Not a security hole IMO: Only root can send us messages, that's at least our
assumption.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
---
 source3/smbd/notifyd/notifyd.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/source3/smbd/notifyd/notifyd.c b/source3/smbd/notifyd/notifyd.c
index ce2da547d5d..70f52cd7c83 100644
--- a/source3/smbd/notifyd/notifyd.c
+++ b/source3/smbd/notifyd/notifyd.c
@@ -1202,6 +1202,13 @@ static int notifyd_add_proxy_syswatches(struct db_record *rec,
 		uint32_t subdir_filter = instance->instance.subdir_filter;
 		int ret;
 
+		/*
+		 * This is a remote database. Pointers that we were
+		 * given don't make sense locally. Initialize to NULL
+		 * in case sys_notify_watch fails.
+		 */
+		instances[i].sys_watch = NULL;
+
 		ret = state->sys_notify_watch(
 			db, state->sys_notify_ctx, path,
 			&filter, &subdir_filter,