sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-24 02:04:21 +03:00
Code

r17496: net groupmap add could add uninitialized sid_name_type

Browse Source 
entries to the group mapping db. Ensure this can't happen.
Jeremy.
(This used to be commit 2ba0d93d53868c8b28dccf91dfa26e86817da511)
This commit is contained in:
Jeremy Allison 2006-08-11 18:09:59 +00:00 committed by Gerald (Jerry) Carter
parent 46e1ce559e
commit 51f6bfea3b
1 changed files with 27 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
source3/utils/net_groupmap.c
View File

@ -188,7 +188,14 @@ static int net_groupmap_add(int argc, const char **argv)
uint32 rid = 0;
int i;
GROUP_MAP map;
const char *name_type;
ZERO_STRUCT(map);
/* Default is domain group. */
map.sid_name_use = SID_NAME_DOM_GRP;
name_type = "domain group";
/* get the options */
for ( i=0; i<argc; i++ ) {
if ( !StrnCaseCmp(argv[i], "rid", strlen("rid")) ) {
@ -237,15 +244,21 @@ static int net_groupmap_add(int argc, const char **argv)
case 'b':
case 'B':
map.sid_name_use = SID_NAME_WKN_GRP;
name_type = "wellknown group";
break;
case 'd':
case 'D':
map.sid_name_use = SID_NAME_DOM_GRP;
name_type = "domain group";
break;
case 'l':
case 'L':
map.sid_name_use = SID_NAME_ALIAS;
name_type = "alias (local) group";
break;
default:
d_fprintf(stderr, "unknown group type %s\n", type);
return -1;
}
}
else {
@ -316,8 +329,8 @@ static int net_groupmap_add(int argc, const char **argv)
return -1;
}
d_printf("Successfully added group %s to the mapping db\n",
map.nt_name);
d_printf("Successfully added group %s to the mapping db as a %s\n",
map.nt_name, name_type);
return 0;
}
@ -413,15 +426,19 @@ static int net_groupmap_modify(int argc, const char **argv)
* Allow changing of group type only between domain and local
* We disallow changing Builtin groups !!! (SID problem)
*/
if (sid_type != SID_NAME_UNKNOWN) {
if (map.sid_name_use == SID_NAME_WKN_GRP) {
d_fprintf(stderr, "You can only change between domain and local groups.\n");
return -1;
}
map.sid_name_use=sid_type;
if (sid_type == SID_NAME_UNKNOWN) {
d_fprintf(stderr, "Can't map to an unknown group type.\n");
return -1;
}
if (map.sid_name_use == SID_NAME_WKN_GRP) {
d_fprintf(stderr, "You can only change between domain and local groups.\n");
return -1;
}
map.sid_name_use=sid_type;
/* Change comment if new one */
if ( ntcomment[0] )
fstrcpy( map.comment, ntcomment );