summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2006-11-14 20:21:23 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:15:48 -0500
commitd988af921de131a05490f1eaa92dd33d36501580 (patch)
tree63900ac32583fbb3535a90a13bea85e834862ee6
parentb903eb231a1db429dca2120e392d49284e284bd3 (diff)
downloadsamba-d988af921de131a05490f1eaa92dd33d36501580.tar.gz
samba-d988af921de131a05490f1eaa92dd33d36501580.tar.bz2
samba-d988af921de131a05490f1eaa92dd33d36501580.zip
r19705: Fix blocker bug for 3.0.23d - find_forced_group could
return an uninitialized sid. Jeremy. (This used to be commit 57c60103e7dd8f9907bc2954369ea8db8b3b69ff)
-rw-r--r--source3/smbd/service.c9
1 files changed, 9 insertions, 0 deletions
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index 29f26c0302..60ba85ab65 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -434,6 +434,9 @@ static NTSTATUS find_forced_group(BOOL force_user,
BOOL user_must_be_member = False;
gid_t gid;
+ ZERO_STRUCTP(pgroup_sid);
+ *pgid = (gid_t)-1;
+
mem_ctx = talloc_new(NULL);
if (mem_ctx == NULL) {
DEBUG(0, ("talloc_new failed\n"));
@@ -489,6 +492,12 @@ static NTSTATUS find_forced_group(BOOL force_user,
*pgid = gid;
DEBUG(3,("Forced group %s for member %s\n",
groupname, username));
+ } else {
+ DEBUG(0,("find_forced_group: forced user %s is not a member "
+ "of forced group %s. Disallowing access.\n",
+ username, groupname ));
+ result = NT_STATUS_MEMBER_NOT_IN_GROUP;
+ goto done;
}
} else {
sid_copy(pgroup_sid, &group_sid);