sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Code

Fix bug #7072 - Accounts can't be unlocked from ldap.

Browse Source 
Fix suggested by Andy Hanton <andyhanton@gmail.com>. The LOGIN_CACHE
struct contains two time_t entries, but was being written to and
read from via tdb_pack/tdb_unpack functions using explicit 32-bit int specifiers.
This would break on machines with a 64-bit time_t. Use correct int
sizes for tdb_pack/tdb_unpack.

We have to fix this properly before 2037 :-).

Jeremy.
This commit is contained in:
Jeremy Allison 2010-01-27 16:42:06 -08:00
parent 8e26aa3d7c
commit 627fb85092
1 changed files with 15 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
source3/passdb/login_cache.c
View File

@ -68,6 +68,7 @@ LOGIN_CACHE * login_cache_read(struct samu *sampass)
char *keystr; char *keystr;
TDB_DATA databuf; TDB_DATA databuf;
LOGIN_CACHE *entry; LOGIN_CACHE *entry;
uint32_t entry_timestamp = 0, bad_password_time = 0;
if (!login_cache_init()) if (!login_cache_init())
return NULL; return NULL;
@ -92,17 +93,22 @@ LOGIN_CACHE * login_cache_read(struct samu *sampass)
SAFE_FREE(databuf.dptr); SAFE_FREE(databuf.dptr);
return NULL; return NULL;
} }
ZERO_STRUCTP(entry);
if (tdb_unpack (databuf.dptr, databuf.dsize, SAM_CACHE_FORMAT, if (tdb_unpack (databuf.dptr, databuf.dsize, SAM_CACHE_FORMAT,
&entry->entry_timestamp, &entry->acct_ctrl, &entry->entry_timestamp, &entry->acct_ctrl,
&entry->bad_password_count, &entry->bad_password_count,
&entry->bad_password_time) == -1) { &bad_password_time) == -1) {
DEBUG(7, ("No cache entry found\n")); DEBUG(7, ("No cache entry found\n"));
SAFE_FREE(entry); SAFE_FREE(entry);
SAFE_FREE(databuf.dptr); SAFE_FREE(databuf.dptr);
return NULL; return NULL;
} }
/* Deal with possible 64-bit time_t. */
entry->entry_timestamp = (time_t)entry_timestamp;
entry->bad_password_time = (time_t)bad_password_time;
SAFE_FREE(databuf.dptr); SAFE_FREE(databuf.dptr);
DEBUG(5, ("Found login cache entry: timestamp %12u, flags 0x%x, count %d, time %12u\n", DEBUG(5, ("Found login cache entry: timestamp %12u, flags 0x%x, count %d, time %12u\n",
@ -116,6 +122,8 @@ bool login_cache_write(const struct samu *sampass, LOGIN_CACHE entry)
char *keystr; char *keystr;
TDB_DATA databuf; TDB_DATA databuf;
bool ret; bool ret;
uint32_t entry_timestamp;
uint32_t bad_password_time = (uint32_t)entry.bad_password_time;
if (!login_cache_init()) if (!login_cache_init())
return False; return False;
@ -130,14 +138,14 @@ bool login_cache_write(const struct samu *sampass, LOGIN_CACHE entry)
return False; return False;
} }
entry.entry_timestamp = time(NULL); entry_timestamp = (uint32_t)time(NULL);
databuf.dsize = databuf.dsize =
tdb_pack(NULL, 0, SAM_CACHE_FORMAT, tdb_pack(NULL, 0, SAM_CACHE_FORMAT,
entry.entry_timestamp, entry_timestamp,
entry.acct_ctrl, entry.acct_ctrl,
entry.bad_password_count, entry.bad_password_count,
entry.bad_password_time); bad_password_time);
databuf.dptr = SMB_MALLOC_ARRAY(uint8, databuf.dsize); databuf.dptr = SMB_MALLOC_ARRAY(uint8, databuf.dsize);
if (!databuf.dptr) { if (!databuf.dptr) {
SAFE_FREE(keystr); SAFE_FREE(keystr);
@ -145,10 +153,10 @@ bool login_cache_write(const struct samu *sampass, LOGIN_CACHE entry)
} }
if (tdb_pack(databuf.dptr, databuf.dsize, SAM_CACHE_FORMAT, if (tdb_pack(databuf.dptr, databuf.dsize, SAM_CACHE_FORMAT,
entry.entry_timestamp, entry_timestamp,
entry.acct_ctrl, entry.acct_ctrl,
entry.bad_password_count, entry.bad_password_count,
entry.bad_password_time) bad_password_time)
!= databuf.dsize) { != databuf.dsize) {
SAFE_FREE(keystr); SAFE_FREE(keystr);
SAFE_FREE(databuf.dptr); SAFE_FREE(databuf.dptr);