mirror of
https://github.com/samba-team/samba.git
synced 2025-01-10 01:18:15 +03:00
cmdline:burn: always return true if burnt
Before we have been trying to cram three cases into a boolean return value: * cmdline had secrets, we burnt them -> true * cmdline had no secrets, all good -> false * cmdline has NULL string, WTF! emergency! -> false This return value is only used by Python which wants to know whether to go to the trouble of replacing the command line. If samba_cmdline_burn() returns false, no action is taken. If samba_cmdline_burn() burns a password and then hits a NULL, it would be better not to do nothing. It would be better to crash. And that is what Python will end up doing, by some talloc returning NULL triggering a MemoryError. What about the case like {"--foo", NULL, "-Ua%b"} where the secret comes after the NULL? That will still be ignored by Python, as it is by all C tools, but we are hoping that can't happen anyway. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15674 Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
This commit is contained in:
parent
53a1184525
commit
d3d8dffc02
@ -147,7 +147,7 @@ bool samba_cmdline_burn(int argc, char *argv[])
|
||||
for (i = 0; i < argc; i++) {
|
||||
p = argv[i];
|
||||
if (p == NULL) {
|
||||
return false;
|
||||
return burnt;
|
||||
}
|
||||
|
||||
found = false;
|
||||
@ -203,7 +203,7 @@ bool samba_cmdline_burn(int argc, char *argv[])
|
||||
}
|
||||
p = argv[i];
|
||||
if (p == NULL) {
|
||||
return false;
|
||||
return burnt;
|
||||
}
|
||||
ulen = 0;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user