mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
s4:kdc: Check result of samdb_result_dom_sid()
We must not pass a NULL pointer into dom_sid_split_rid(). While we’re at it, switch to using samdb_result_dom_sid_buf(), which doesn’t require a heap allocation. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
parent
f34645b8f8
commit
7cfddcbf3f
@ -1059,6 +1059,7 @@ static krb5_error_code samba_kdc_message2entry(krb5_context context,
|
||||
NTTIME acct_expiry;
|
||||
NTSTATUS status;
|
||||
bool protected_user = false;
|
||||
struct dom_sid sid;
|
||||
uint32_t rid;
|
||||
bool is_krbtgt = false;
|
||||
bool is_rodc = false;
|
||||
@ -1259,8 +1260,11 @@ static krb5_error_code samba_kdc_message2entry(krb5_context context,
|
||||
|
||||
/* The lack of password controls etc applies to krbtgt by
|
||||
* virtue of being that particular RID */
|
||||
status = dom_sid_split_rid(NULL, samdb_result_dom_sid(mem_ctx, msg, "objectSid"), NULL, &rid);
|
||||
|
||||
ret = samdb_result_dom_sid_buf(msg, "objectSid", &sid);
|
||||
if (ret) {
|
||||
goto out;
|
||||
}
|
||||
status = dom_sid_split_rid(NULL, &sid, NULL, &rid);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
ret = EINVAL;
|
||||
goto out;
|
||||
|
Loading…
Reference in New Issue
Block a user