diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index fea1b2d761f..ce47e94eb54 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -549,11 +549,13 @@ NTSTATUS make_server_info_sam(auth_serversupplied_info **server_info, "for gid %d!\n", gids[i])); continue; } - if (!add_sid_to_array_unique( result, &unix_group_sid, - &result->sids, &result->num_sids )) { + status = add_sid_to_array_unique(result, &unix_group_sid, + &result->sids, + &result->num_sids); + if (!NT_STATUS_IS_OK(status)) { result->sam_account = NULL; /* Don't free on error exit. */ TALLOC_FREE(result); - return NT_STATUS_NO_MEMORY; + return status; } } @@ -895,9 +897,9 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, "for gid %d!\n", gids[i])); continue; } - if (!add_sid_to_array_unique(tmp_ctx, &unix_group_sid, - &group_sids, &num_group_sids )) { - result = NT_STATUS_NO_MEMORY; + result = add_sid_to_array_unique(tmp_ctx, &unix_group_sid, + &group_sids, &num_group_sids); + if (!NT_STATUS_IS_OK(result)) { goto done; } } @@ -1074,11 +1076,12 @@ NTSTATUS make_server_info_pw(auth_serversupplied_info **server_info, return NT_STATUS_NO_SUCH_USER; } - if (!add_sid_to_array_unique(result, &u_sid, - &result->sids, - &result->num_sids)) { + status = add_sid_to_array_unique(result, &u_sid, + &result->sids, + &result->num_sids); + if (!NT_STATUS_IS_OK(status)) { TALLOC_FREE(result); - return NT_STATUS_NO_MEMORY; + return status; } /* For now we throw away the gids and convert via sid_to_gid diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c index 9ca5216af0f..fc93060fc6a 100644 --- a/source3/auth/token_util.c +++ b/source3/auth/token_util.c @@ -140,22 +140,22 @@ NTSTATUS add_aliases(const DOM_SID *domain_sid, if (!NT_STATUS_IS_OK(status)) { DEBUG(10, ("pdb_enum_alias_memberships failed: %s\n", nt_errstr(status))); - TALLOC_FREE(tmp_ctx); - return status; + goto done; } for (i=0; iuser_sids, - &token->num_sids)) { + status = add_sid_to_array_unique(token, &alias_sid, + &token->user_sids, + &token->num_sids); + if (!NT_STATUS_IS_OK(status)) { DEBUG(0, ("add_sid_to_array failed\n")); - TALLOC_FREE(tmp_ctx); - return NT_STATUS_NO_MEMORY; + goto done; } } +done: TALLOC_FREE(tmp_ctx); return NT_STATUS_OK; } @@ -166,6 +166,7 @@ NTSTATUS add_aliases(const DOM_SID *domain_sid, static NTSTATUS add_builtin_administrators( struct nt_user_token *token ) { DOM_SID domadm; + NTSTATUS status; /* nothing to do if we aren't in a domain */ @@ -186,9 +187,11 @@ static NTSTATUS add_builtin_administrators( struct nt_user_token *token ) /* Add Administrators if the user beloongs to Domain Admins */ if ( nt_token_check_sid( &domadm, token ) ) { - if (!add_sid_to_array(token, &global_sid_Builtin_Administrators, - &token->user_sids, &token->num_sids)) { - return NT_STATUS_NO_MEMORY; + status = add_sid_to_array(token, + &global_sid_Builtin_Administrators, + &token->user_sids, &token->num_sids); + if (!NT_STATUS_IS_OK(status)) { + return status; } } @@ -303,38 +306,48 @@ struct nt_user_token *create_local_nt_token(TALLOC_CTX *mem_ctx, /* Add the user and primary group sid */ - if (!add_sid_to_array(result, user_sid, - &result->user_sids, &result->num_sids)) { + status = add_sid_to_array(result, user_sid, + &result->user_sids, &result->num_sids); + if (!NT_STATUS_IS_OK(status)) { return NULL; } /* For guest, num_groupsids may be zero. */ if (num_groupsids) { - if (!add_sid_to_array(result, &groupsids[0], - &result->user_sids, &result->num_sids)) { + status = add_sid_to_array(result, &groupsids[0], + &result->user_sids, + &result->num_sids); + if (!NT_STATUS_IS_OK(status)) { return NULL; } } /* Add in BUILTIN sids */ - if (!add_sid_to_array(result, &global_sid_World, - &result->user_sids, &result->num_sids)) { + status = add_sid_to_array(result, &global_sid_World, + &result->user_sids, &result->num_sids); + if (!NT_STATUS_IS_OK(status)) { return NULL; } - if (!add_sid_to_array(result, &global_sid_Network, - &result->user_sids, &result->num_sids)) { + status = add_sid_to_array(result, &global_sid_Network, + &result->user_sids, &result->num_sids); + if (!NT_STATUS_IS_OK(status)) { return NULL; } if (is_guest) { - if (!add_sid_to_array(result, &global_sid_Builtin_Guests, - &result->user_sids, &result->num_sids)) { + status = add_sid_to_array(result, &global_sid_Builtin_Guests, + &result->user_sids, + &result->num_sids); + if (!NT_STATUS_IS_OK(status)) { return NULL; } } else { - if (!add_sid_to_array(result, &global_sid_Authenticated_Users, - &result->user_sids, &result->num_sids)) { + status = add_sid_to_array(result, + &global_sid_Authenticated_Users, + &result->user_sids, + &result->num_sids); + if (!NT_STATUS_IS_OK(status)) { return NULL; } } @@ -346,8 +359,10 @@ struct nt_user_token *create_local_nt_token(TALLOC_CTX *mem_ctx, * first group sid as primary above. */ for (i=1; iuser_sids, &result->num_sids)) { + status = add_sid_to_array_unique(result, &groupsids[i], + &result->user_sids, + &result->num_sids); + if (!NT_STATUS_IS_OK(status)) { return NULL; } } diff --git a/source3/groupdb/mapping_ldb.c b/source3/groupdb/mapping_ldb.c index ea467775983..05056eabd20 100644 --- a/source3/groupdb/mapping_ldb.c +++ b/source3/groupdb/mapping_ldb.c @@ -398,8 +398,8 @@ static NTSTATUS one_alias_membership(const DOM_SID *member, goto failed; } string_to_sid(&alias, (char *)el->values[0].data); - if (!add_sid_to_array_unique(NULL, &alias, sids, num)) { - status = NT_STATUS_NO_MEMORY; + status = add_sid_to_array_unique(NULL, &alias, sids, num); + if (!NT_STATUS_IS_OK(status)) { goto failed; } } @@ -492,6 +492,7 @@ static NTSTATUS enum_aliasmem(const DOM_SID *alias, DOM_SID **sids, size_t *num) NULL }; int ret, i; + NTSTATUS status; struct ldb_result *res=NULL; struct ldb_dn *dn; struct ldb_message_element *el; @@ -524,14 +525,15 @@ static NTSTATUS enum_aliasmem(const DOM_SID *alias, DOM_SID **sids, size_t *num) for (i=0;inum_values;i++) { DOM_SID sid; string_to_sid(&sid, (const char *)el->values[i].data); - if (!add_sid_to_array_unique(NULL, &sid, sids, num)) { - talloc_free(dn); - return NT_STATUS_NO_MEMORY; + status = add_sid_to_array_unique(NULL, &sid, sids, num); + if (!NT_STATUS_IS_OK(status)) { + goto done; } } - talloc_free(dn); - return NT_STATUS_OK; +done: + talloc_free(dn); + return status; } /* diff --git a/source3/groupdb/mapping_tdb.c b/source3/groupdb/mapping_tdb.c index 9adde40426a..21a4f95383b 100644 --- a/source3/groupdb/mapping_tdb.c +++ b/source3/groupdb/mapping_tdb.c @@ -414,8 +414,8 @@ static NTSTATUS one_alias_membership(const DOM_SID *member, if (!string_to_sid(&alias, string_sid)) continue; - if (!add_sid_to_array_unique(NULL, &alias, sids, num)) { - status = NT_STATUS_NO_MEMORY; + status= add_sid_to_array_unique(NULL, &alias, sids, num); + if (!NT_STATUS_IS_OK(status)) { goto done; } } @@ -560,7 +560,10 @@ static int collect_aliasmem(TDB_CONTEXT *tdb_ctx, TDB_DATA key, TDB_DATA data, if (!string_to_sid(&member, member_string)) continue; - if (!add_sid_to_array(NULL, &member, closure->sids, closure->num)) { + if (!NT_STATUS_IS_OK(add_sid_to_array(NULL, &member, + closure->sids, + closure->num))) + { /* talloc fail. */ break; } diff --git a/source3/lib/privileges.c b/source3/lib/privileges.c index 63fb462e32d..509da807853 100644 --- a/source3/lib/privileges.c +++ b/source3/lib/privileges.c @@ -184,8 +184,10 @@ static int priv_traverse_fn(TDB_CONTEXT *t, TDB_DATA key, TDB_DATA data, void *s return 0; } - if (!add_sid_to_array( priv->mem_ctx, &sid, &priv->sids.list, - &priv->sids.count )) { + if (!NT_STATUS_IS_OK(add_sid_to_array(priv->mem_ctx, &sid, + &priv->sids.list, + &priv->sids.count))) + { return 0; } diff --git a/source3/lib/util_reg_smbconf.c b/source3/lib/util_reg_smbconf.c index fa58f28d034..472fef7a2d3 100644 --- a/source3/lib/util_reg_smbconf.c +++ b/source3/lib/util_reg_smbconf.c @@ -30,18 +30,21 @@ extern REGISTRY_OPS smbconf_reg_ops; */ NT_USER_TOKEN *registry_create_admin_token(TALLOC_CTX *mem_ctx) { + NTSTATUS status; NT_USER_TOKEN *token = NULL; /* fake a user token: builtin administrators sid and the * disk operators privilege is all we need to access the * registry... */ - if (!(token = TALLOC_ZERO_P(mem_ctx, NT_USER_TOKEN))) { + token = TALLOC_ZERO_P(mem_ctx, NT_USER_TOKEN); + if (token == NULL) { DEBUG(1, ("talloc failed\n")); goto done; } token->privileges = se_disk_operators; - if (!add_sid_to_array(token, &global_sid_Builtin_Administrators, - &token->user_sids, &token->num_sids)) { + status = add_sid_to_array(token, &global_sid_Builtin_Administrators, + &token->user_sids, &token->num_sids); + if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("Error adding builtin administrators sid " "to fake token.\n")); goto done; diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c index 222b32ed3a1..37865238a52 100644 --- a/source3/lib/util_sid.c +++ b/source3/lib/util_sid.c @@ -573,20 +573,20 @@ DOM_SID *sid_dup_talloc(TALLOC_CTX *ctx, const DOM_SID *src) Add SID to an array SIDs ********************************************************************/ -bool add_sid_to_array(TALLOC_CTX *mem_ctx, const DOM_SID *sid, - DOM_SID **sids, size_t *num) +NTSTATUS add_sid_to_array(TALLOC_CTX *mem_ctx, const DOM_SID *sid, + DOM_SID **sids, size_t *num) { *sids = TALLOC_REALLOC_ARRAY(mem_ctx, *sids, DOM_SID, (*num)+1); if (*sids == NULL) { *num = 0; - return False; + return NT_STATUS_NO_MEMORY; } sid_copy(&((*sids)[*num]), sid); *num += 1; - return True; + return NT_STATUS_OK; } @@ -594,14 +594,14 @@ bool add_sid_to_array(TALLOC_CTX *mem_ctx, const DOM_SID *sid, Add SID to an array SIDs ensuring that it is not already there ********************************************************************/ -bool add_sid_to_array_unique(TALLOC_CTX *mem_ctx, const DOM_SID *sid, - DOM_SID **sids, size_t *num_sids) +NTSTATUS add_sid_to_array_unique(TALLOC_CTX *mem_ctx, const DOM_SID *sid, + DOM_SID **sids, size_t *num_sids) { size_t i; for (i=0; i<(*num_sids); i++) { if (sid_compare(sid, &(*sids)[i]) == 0) - return True; + return NT_STATUS_OK; } return add_sid_to_array(mem_ctx, sid, sids, num_sids); @@ -670,6 +670,7 @@ NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx, size_t *num_user_sids, bool include_user_group_rid) { + NTSTATUS status; DOM_SID sid; DOM_SID *sid_array = NULL; size_t num_sids = 0; @@ -677,35 +678,47 @@ NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx, if (include_user_group_rid) { - if (!sid_compose(&sid, &(info3->dom_sid.sid), - info3->user_rid) - || !add_sid_to_array(mem_ctx, &sid, - &sid_array, &num_sids)) { - DEBUG(3,("could not add user SID from rid 0x%x\n", - info3->user_rid)); + if (!sid_compose(&sid, &(info3->dom_sid.sid), info3->user_rid)) + { + DEBUG(3, ("could not compose user SID from rid 0x%x\n", + info3->user_rid)); return NT_STATUS_INVALID_PARAMETER; } + status = add_sid_to_array(mem_ctx, &sid, &sid_array, &num_sids); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(3, ("could not append user SID from rid 0x%x\n", + info3->user_rid)); + return status; + } - if (!sid_compose(&sid, &(info3->dom_sid.sid), - info3->group_rid) - || !add_sid_to_array(mem_ctx, &sid, - &sid_array, &num_sids)) { - DEBUG(3,("could not append additional group rid 0x%x\n", - info3->group_rid)); - + if (!sid_compose(&sid, &(info3->dom_sid.sid), info3->group_rid)) + { + DEBUG(3, ("could not compose group SID from rid 0x%x\n", + info3->group_rid)); return NT_STATUS_INVALID_PARAMETER; } + status = add_sid_to_array(mem_ctx, &sid, &sid_array, &num_sids); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(3, ("could not append group SID from rid 0x%x\n", + info3->group_rid)); + return status; + } } for (i = 0; i < info3->num_groups2; i++) { if (!sid_compose(&sid, &(info3->dom_sid.sid), - info3->gids[i].g_rid) - || !add_sid_to_array(mem_ctx, &sid, - &sid_array, &num_sids)) { - DEBUG(3,("could not append additional group rid 0x%x\n", - info3->gids[i].g_rid)); + info3->gids[i].g_rid)) + { + DEBUG(3, ("could not compose SID from additional group " + "rid 0x%x\n", info3->gids[i].g_rid)); return NT_STATUS_INVALID_PARAMETER; } + status = add_sid_to_array(mem_ctx, &sid, &sid_array, &num_sids); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(3, ("could not append SID from additional group " + "rid 0x%x\n", info3->gids[i].g_rid)); + return status; + } } /* Copy 'other' sids. We need to do sid filtering here to @@ -715,11 +728,12 @@ NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx, */ for (i = 0; i < info3->num_other_sids; i++) { - if (!add_sid_to_array(mem_ctx, &info3->other_sids[i].sid, - &sid_array, &num_sids)) { + status = add_sid_to_array(mem_ctx, &info3->other_sids[i].sid, + &sid_array, &num_sids); + if (!NT_STATUS_IS_OK(status)) { DEBUG(3, ("could not add SID to array: %s\n", sid_string_dbg(&info3->other_sids[i].sid))); - return NT_STATUS_NO_MEMORY; + return status; } } diff --git a/source3/libgpo/gpo_ldap.c b/source3/libgpo/gpo_ldap.c index 7c59e8e5dc5..4e63b92e4ef 100644 --- a/source3/libgpo/gpo_ldap.c +++ b/source3/libgpo/gpo_ldap.c @@ -643,9 +643,12 @@ ADS_STATUS ads_get_sid_token(ADS_STRUCT *ads, token_sids = TALLOC_ARRAY(mem_ctx, DOM_SID, 1); ADS_ERROR_HAVE_NO_MEMORY(token_sids); - if (!add_sid_to_array_unique(mem_ctx, &primary_group_sid, &token_sids, - &num_token_sids)) { - return ADS_ERROR(LDAP_NO_MEMORY); + status = ADS_ERROR_NT(add_sid_to_array_unique(mem_ctx, + &primary_group_sid, + &token_sids, + &num_token_sids)); + if (!ADS_ERR_OK(status)) { + return status; } for (i = 0; i < num_ad_token_sids; i++) { @@ -654,9 +657,12 @@ ADS_STATUS ads_get_sid_token(ADS_STRUCT *ads, continue; } - if (!add_sid_to_array_unique(mem_ctx, &ad_token_sids[i], - &token_sids, &num_token_sids)) { - return ADS_ERROR(LDAP_NO_MEMORY); + status = ADS_ERROR_NT(add_sid_to_array_unique(mem_ctx, + &ad_token_sids[i], + &token_sids, + &num_token_sids)); + if (!ADS_ERR_OK(status)) { + return status; } } diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index 205b178a93f..28df56bdb1d 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -2886,8 +2886,9 @@ static NTSTATUS ldapsam_enum_group_memberships(struct pdb_methods *methods, /* This sid will be replaced later */ - if (!add_sid_to_array_unique(mem_ctx, &global_sid_NULL, pp_sids, &num_sids)) { - ret = NT_STATUS_NO_MEMORY; + ret = add_sid_to_array_unique(mem_ctx, &global_sid_NULL, pp_sids, + &num_sids); + if (!NT_STATUS_IS_OK(ret)) { goto done; } @@ -2926,9 +2927,9 @@ static NTSTATUS ldapsam_enum_group_memberships(struct pdb_methods *methods, ret = NT_STATUS_NO_MEMORY; goto done; } - if (!add_sid_to_array_unique(mem_ctx, &sid, pp_sids, - &num_sids)) { - ret = NT_STATUS_NO_MEMORY; + ret = add_sid_to_array_unique(mem_ctx, &sid, pp_sids, + &num_sids); + if (!NT_STATUS_IS_OK(ret)) { goto done; } } @@ -3646,14 +3647,17 @@ static NTSTATUS ldapsam_enum_aliasmem(struct pdb_methods *methods, for (i=0; isid); sid_append_rid(&sid, alias_rids[i]); - if (!add_sid_to_array(state->mem_ctx, &sid, &sids, &num_sids)) { + result = add_sid_to_array(state->mem_ctx, &sid, &sids, + &num_sids); + if (!NT_STATUS_IS_OK(result)) { return WINBINDD_ERROR; } } @@ -832,8 +836,9 @@ static void gettoken_recvdomgroups(TALLOC_CTX *mem_ctx, bool success, state->sids = NULL; state->num_sids = 0; - if (!add_sid_to_array(mem_ctx, &state->user_sid, &state->sids, - &state->num_sids)) { + if (!NT_STATUS_IS_OK(add_sid_to_array(mem_ctx, &state->user_sid, + &state->sids, &state->num_sids))) + { DEBUG(0, ("Out of memory\n")); state->cont(state->private_data, False, NULL, 0); return; @@ -874,8 +879,11 @@ static void gettoken_recvaliases(void *private_data, bool success, } for (i=0; imem_ctx, &aliases[i], - &state->sids, &state->num_sids)) { + if (!NT_STATUS_IS_OK(add_sid_to_array(state->mem_ctx, + &aliases[i], + &state->sids, + &state->num_sids))) + { DEBUG(0, ("Out of memory\n")); state->cont(state->private_data, False, NULL, 0); return; diff --git a/source3/winbindd/winbindd_group.c b/source3/winbindd/winbindd_group.c index 62e8d1c40b1..6a704cf2902 100644 --- a/source3/winbindd/winbindd_group.c +++ b/source3/winbindd/winbindd_group.c @@ -438,18 +438,15 @@ static NTSTATUS expand_groups( TALLOC_CTX *ctx, if ( name_types[j] == SID_NAME_DOM_GRP || name_types[j] == SID_NAME_ALIAS ) { - bool ret; - - ret = add_sid_to_array_unique( ctx, - &sid_mem[j], - &new_groups, - &new_groups_size ); - if ( !ret ) { - status = NT_STATUS_NO_MEMORY; + status = add_sid_to_array_unique(ctx, + &sid_mem[j], + &new_groups, + &new_groups_size); + if (NT_STATUS_IS_OK(status)) { goto out; } - continue; + continue; } } diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index 7a9014a82f1..525096b0a2a 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -273,12 +273,13 @@ static NTSTATUS check_info3_in_group(TALLOC_CTX *mem_ctx, return NT_STATUS_INVALID_PARAMETER; } - if (!add_sid_to_array(mem_ctx, &sid, - &require_membership_of_sid, - &num_require_membership_of_sid)) { + status = add_sid_to_array(mem_ctx, &sid, + &require_membership_of_sid, + &num_require_membership_of_sid); + if (!NT_STATUS_IS_OK(status)) { DEBUG(0, ("add_sid_to_array failed\n")); TALLOC_FREE(frame); - return NT_STATUS_NO_MEMORY; + return status; } } diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c index cc12d4b7ea9..dc48fdef8b1 100644 --- a/source3/winbindd/winbindd_util.c +++ b/source3/winbindd/winbindd_util.c @@ -1304,19 +1304,22 @@ NTSTATUS lookup_usergroups_cached(struct winbindd_domain *domain, /* always add the primary group to the sid array */ sid_compose(&primary_group, &info3->dom_sid.sid, info3->user_rid); - if (!add_sid_to_array(mem_ctx, &primary_group, user_sids, &num_groups)) { + status = add_sid_to_array(mem_ctx, &primary_group, user_sids, + &num_groups); + if (!NT_STATUS_IS_OK(status)) { TALLOC_FREE(info3); - return NT_STATUS_NO_MEMORY; + return status; } for (i=0; inum_groups; i++) { sid_copy(&group_sid, &info3->dom_sid.sid); sid_append_rid(&group_sid, info3->gids[i].g_rid); - if (!add_sid_to_array(mem_ctx, &group_sid, user_sids, - &num_groups)) { + status = add_sid_to_array(mem_ctx, &group_sid, user_sids, + &num_groups); + if (!NT_STATUS_IS_OK(status)) { TALLOC_FREE(info3); - return NT_STATUS_NO_MEMORY; + return status; } } @@ -1328,11 +1331,11 @@ NTSTATUS lookup_usergroups_cached(struct winbindd_domain *domain, if (info3->other_sids_attrib[i] & SE_GROUP_RESOURCE) continue; - if (!add_sid_to_array(mem_ctx, &info3->other_sids[i].sid, - user_sids, &num_groups)) - { + status = add_sid_to_array(mem_ctx, &info3->other_sids[i].sid, + user_sids, &num_groups); + if (!NT_STATUS_IS_OK(status)) { TALLOC_FREE(info3); - return NT_STATUS_NO_MEMORY; + return status; } }