From 859182da6d06be0e9d37d7ed3448efc3dc78bdb2 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 30 Jul 2013 10:40:39 +1200 Subject: [PATCH] dfs_server: Use dsdb_search_one to catch 0 results as well as NO_SUCH_OBJECT errors This ensures we do not de-reference an invalid rs->msgs pointer if the pointed-to object was not objectclass=computer Andrew Bartlett Bug: https://bugzilla.samba.org/show_bug.cgi?id=10052 Signed-off-by: Andrew Bartlett Reviewed-by: Stefan Metzmacher Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Fri Aug 2 13:11:20 CEST 2013 on sn-devel-104 --- dfs_server/dfs_server_ad.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/dfs_server/dfs_server_ad.c b/dfs_server/dfs_server_ad.c index 249a1d18617..062eb495ec4 100644 --- a/dfs_server/dfs_server_ad.c +++ b/dfs_server/dfs_server_ad.c @@ -206,14 +206,14 @@ static NTSTATUS get_dcs_insite(TALLOC_CTX *ctx, struct ldb_context *ldb, for (i = 0; icount; i++) { struct ldb_dn *dn; - struct ldb_result *r2; + struct ldb_message *msg; dn = ldb_msg_find_attr_as_dn(ldb, ctx, r->msgs[i], "serverReference"); if (!dn) { return NT_STATUS_INTERNAL_ERROR; } - ret = ldb_search(ldb, r, &r2, dn, LDB_SCOPE_BASE, attrs2, "(objectClass=computer)"); + ret = dsdb_search_one(ldb, r, &msg, dn, LDB_SCOPE_BASE, attrs2, 0, "(objectClass=computer)"); if (ret != LDB_SUCCESS) { DEBUG(2,(__location__ ": Search for computer on %s failed - %s\n", ldb_dn_get_linearized(dn), ldb_errstring(ldb))); @@ -221,7 +221,7 @@ static NTSTATUS get_dcs_insite(TALLOC_CTX *ctx, struct ldb_context *ldb, } if (dofqdn) { - const char *dns = ldb_msg_find_attr_as_string(r2->msgs[0], "dNSHostName", NULL); + const char *dns = ldb_msg_find_attr_as_string(msg, "dNSHostName", NULL); if (dns == NULL) { DEBUG(2,(__location__ ": dNSHostName missing on %s\n", ldb_dn_get_linearized(dn))); @@ -233,7 +233,7 @@ static NTSTATUS get_dcs_insite(TALLOC_CTX *ctx, struct ldb_context *ldb, NT_STATUS_HAVE_NO_MEMORY_AND_FREE(list->names[list->count], r); } else { char *tmp; - const char *aname = ldb_msg_find_attr_as_string(r2->msgs[0], "sAMAccountName", NULL); + const char *aname = ldb_msg_find_attr_as_string(msg, "sAMAccountName", NULL); if (aname == NULL) { DEBUG(2,(__location__ ": sAMAccountName missing on %s\n", ldb_dn_get_linearized(dn))); @@ -250,7 +250,7 @@ static NTSTATUS get_dcs_insite(TALLOC_CTX *ctx, struct ldb_context *ldb, list->names[list->count] = tmp; } list->count++; - talloc_free(r2); + talloc_free(msg); } talloc_free(r);