sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
Code

s4:rpc_server/lsa: make sure dcesrv_lsa_LookupSids_common() gets prepared [ref] pointers

Browse Source 
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This commit is contained in:
Stefan Metzmacher 2017-03-20 12:56:00 +01:00 committed by Ralph Boehme
parent 3909f8fcfe
commit f6e60d2c2e
1 changed files with 23 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
source4/rpc_server/lsa/lsa_lookup.c
View File

@ -596,13 +596,16 @@ static NTSTATUS dcesrv_lsa_LookupSids_common(struct dcesrv_call_state *dce_call,
NTSTATUS status = NT_STATUS_OK;
uint32_t i;
*r->out.domains = NULL;
r->out.names->count = 0;
r->out.names->names = NULL;
*r->out.count = 0;
if (r->in.level < LSA_LOOKUP_NAMES_ALL ||
r->in.level > LSA_LOOKUP_NAMES_RODC_REFERRAL_TO_FULL_DC) {
return NT_STATUS_INVALID_PARAMETER;
}
*r->out.domains = NULL;
/* NOTE: the WSPP test suite tries SIDs with invalid revision numbers,
and expects NT_STATUS_INVALID_PARAMETER back - we just treat it as
an unknown SID. We could add a SID validator here. (tridge)
@ -615,13 +618,6 @@ static NTSTATUS dcesrv_lsa_LookupSids_common(struct dcesrv_call_state *dce_call,
}
*r->out.domains = domains;
r->out.names = talloc_zero(mem_ctx, struct lsa_TransNameArray2);
if (r->out.names == NULL) {
return NT_STATUS_NO_MEMORY;
}
*r->out.count = 0;
r->out.names->names = talloc_array(r->out.names, struct lsa_TranslatedName2,
r->in.sids->num_sids);
if (r->out.names->names == NULL) {
@ -739,6 +735,11 @@ NTSTATUS dcesrv_lsa_LookupSids3(struct dcesrv_call_state *dce_call,
DCESRV_FAULT(DCERPC_FAULT_ACCESS_DENIED);
}
*r->out.domains = NULL;
r->out.names->count = 0;
r->out.names->names = NULL;
*r->out.count = 0;
status = dcesrv_lsa_get_policy_state(dce_call, mem_ctx,
0, /* we skip access checks */
&policy_state);
@ -790,17 +791,28 @@ NTSTATUS dcesrv_lsa_LookupSids(struct dcesrv_call_state *dce_call, TALLOC_CTX *m
DCESRV_FAULT(DCERPC_FAULT_ACCESS_DENIED);
}
*r->out.domains = NULL;
r->out.names->count = 0;
r->out.names->names = NULL;
*r->out.count = 0;
ZERO_STRUCT(r2);
r2.in.handle = r->in.handle;
r2.in.sids = r->in.sids;
r2.in.names = NULL;
r2.in.names = talloc_zero(mem_ctx, struct lsa_TransNameArray2);
if (r2.in.names == NULL) {
return NT_STATUS_NO_MEMORY;
}
r2.in.level = r->in.level;
r2.in.count = r->in.count;
r2.in.lookup_options = LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES;
r2.in.client_revision = LSA_CLIENT_REVISION_1;
r2.out.count = r->out.count;
r2.out.names = NULL;
r2.out.names = talloc_zero(mem_ctx, struct lsa_TransNameArray2);
if (r2.out.names == NULL) {
return NT_STATUS_NO_MEMORY;
}
r2.out.domains = r->out.domains;
status = dcesrv_lsa_LookupSids2(dce_call, mem_ctx, &r2);