The branch, master has been updated
via 0e376db Second part of fix for bug #7933 - samba fails to honor
SEC_STD_WRITE_OWNER bit with the acl_xattr module.
via 7936fb0 Fix bug #8807 - dcerpc_lsa_lookup_sids_noalloc() crashes
when groups has more than 1000 groups
from 8458043 s4-python: Add missing python source file encoding.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 0e376db8b8b3770b189fbd9b3874406bcafcfd32
Author: Jeremy Allison <j...@samba.org>
Date: Tue Mar 13 12:16:26 2012 -0700
Second part of fix for bug #7933 - samba fails to honor SEC_STD_WRITE_OWNER
bit with the acl_xattr module.
Error found by Andrew Bartlett <abart...@samba.org> and Ricky Nance
<ricky.na...@weaubleau.k12.mo.us>.
Don't use a pointer when you really mean a bool flag.
Autobuild-User: Jeremy Allison <j...@samba.org>
Autobuild-Date: Tue Mar 13 21:56:15 CET 2012 on sn-devel-104
commit 7936fb0ab8c3413768e83975c9d8544d653ee13c
Author: Christian Ambach <a...@samba.org>
Date: Tue Mar 13 10:07:11 2012 -0700
Fix bug #8807 - dcerpc_lsa_lookup_sids_noalloc() crashes when groups has
more than 1000 groups
Use correct talloc heirarchy.
Signed-off-by: Jeremy Allison <j...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
source3/rpc_client/cli_lsarpc.c | 10 +++++++---
source3/smbd/posix_acls.c | 10 ++++++----
2 files changed, 13 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c
index 59ca3b0..c6e402d 100644
--- a/source3/rpc_client/cli_lsarpc.c
+++ b/source3/rpc_client/cli_lsarpc.c
@@ -166,6 +166,8 @@ NTSTATUS rpccli_lsa_open_policy2(struct rpc_pipe_client
*cli,
static NTSTATUS dcerpc_lsa_lookup_sids_noalloc(struct dcerpc_binding_handle *h,
TALLOC_CTX *mem_ctx,
+ TALLOC_CTX *domains_ctx,
+ TALLOC_CTX *names_ctx,
struct policy_handle *pol,
int num_sids,
const struct dom_sid *sids,
@@ -287,7 +289,7 @@ static NTSTATUS dcerpc_lsa_lookup_sids_noalloc(struct
dcerpc_binding_handle *h,
name = lsa_names.names[i].name.string;
if (name) {
- (names)[i] = talloc_strdup(names, name);
+ (names)[i] = talloc_strdup(names_ctx, name);
if ((names)[i] == NULL) {
DEBUG(0,
("cli_lsa_lookup_sids_noalloc(): out of memory\n"));
*presult = NT_STATUS_UNSUCCESSFUL;
@@ -296,7 +298,7 @@ static NTSTATUS dcerpc_lsa_lookup_sids_noalloc(struct
dcerpc_binding_handle *h,
} else {
(names)[i] = NULL;
}
- domains[i] = talloc_strdup(domains,
+ domains[i] = talloc_strdup(domains_ctx,
dom_name ? dom_name : "");
(types)[i] = lsa_names.names[i].sid_type;
if ((domains)[i] == NULL) {
@@ -394,6 +396,8 @@ static NTSTATUS dcerpc_lsa_lookup_sids_generic(struct
dcerpc_binding_handle *h,
status = dcerpc_lsa_lookup_sids_noalloc(h,
mem_ctx,
+ (TALLOC_CTX *)domains,
+ (TALLOC_CTX *)names,
pol,
hunk_num_sids,
hunk_sids,
@@ -433,7 +437,7 @@ static NTSTATUS dcerpc_lsa_lookup_sids_generic(struct
dcerpc_binding_handle *h,
}
sids_left -= hunk_num_sids;
- sids_processed += hunk_num_sids; /* only used in DEBUG */
+ sids_processed += hunk_num_sids;
hunk_sids += hunk_num_sids;
hunk_domains += hunk_num_sids;
hunk_names += hunk_num_sids;
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 029eeae..f54bfa1 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -1502,20 +1502,22 @@ static bool ensure_canon_entry_valid(connection_struct
*conn, canon_ace **pp_ace
then if the ownership or group ownership of this file or
directory gets changed, the user or group can lose their
access. */
+ bool got_duplicate_user = false;
+ bool got_duplicate_group = false;
for (pace = *pp_ace; pace; pace = pace->next) {
if (pace->type == SMB_ACL_USER &&
pace->unix_ug.uid ==
pace_user->unix_ug.uid) {
/* Already got one. */
- pace_user = NULL;
+ got_duplicate_user = true;
} else if (pace->type == SMB_ACL_USER &&
pace->unix_ug.uid ==
pace_user->unix_ug.uid) {
/* Already got one. */
- pace_group = NULL;
+ got_duplicate_group = true;
}
}
- if (pace_user) {
+ if (!got_duplicate_user) {
/* Add a duplicate SMB_ACL_USER entry. */
if ((pace = talloc(talloc_tos(), canon_ace)) == NULL) {
DEBUG(0,("ensure_canon_entry_valid: talloc
fail.\n"));
@@ -1533,7 +1535,7 @@ static bool ensure_canon_entry_valid(connection_struct
*conn, canon_ace **pp_ace
DLIST_ADD(*pp_ace, pace);
}
- if (pace_group) {
+ if (!got_duplicate_group) {
/* Add a duplicate SMB_ACL_GROUP entry. */
if ((pace = talloc(talloc_tos(), canon_ace)) == NULL) {
DEBUG(0,("ensure_canon_entry_valid: talloc
fail.\n"));
--
Samba Shared Repository
