1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00

vfs_acl_common: In add_directory_inheritable_components allocate on psd as parent

When we add a new DACL to the security descriptor, we need to use the
SD as the memory context, so we can talloc_move() it as a tree to a
new parent.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Nov  2 22:16:14 CET 2012 on sn-devel-104
This commit is contained in:
Andrew Bartlett 2012-11-01 09:51:28 +11:00 committed by Jeremy Allison
parent 92e17d5fd0
commit 60cf4cb5a6

View File

@ -195,9 +195,21 @@ static NTSTATUS add_directory_inheritable_components(vfs_handle_struct *handle,
mode_t dir_mode; mode_t dir_mode;
mode_t file_mode; mode_t file_mode;
mode_t mode; mode_t mode;
struct security_ace *new_ace_list = talloc_zero_array(talloc_tos(), struct security_ace *new_ace_list;
struct security_ace,
num_aces + 3); if (psd->dacl) {
new_ace_list = talloc_zero_array(psd->dacl,
struct security_ace,
num_aces + 3);
} else {
/*
* make_sec_acl() at the bottom of this function
* dupliates new_ace_list
*/
new_ace_list = talloc_zero_array(talloc_tos(),
struct security_ace,
num_aces + 3);
}
if (new_ace_list == NULL) { if (new_ace_list == NULL) {
return NT_STATUS_NO_MEMORY; return NT_STATUS_NO_MEMORY;
@ -256,7 +268,7 @@ static NTSTATUS add_directory_inheritable_components(vfs_handle_struct *handle,
psd->dacl->aces = new_ace_list; psd->dacl->aces = new_ace_list;
psd->dacl->num_aces += 3; psd->dacl->num_aces += 3;
} else { } else {
psd->dacl = make_sec_acl(talloc_tos(), psd->dacl = make_sec_acl(psd,
NT4_ACL_REVISION, NT4_ACL_REVISION,
3, 3,
new_ace_list); new_ace_list);