diff options
author | Günther Deschner <gd@samba.org> | 2010-07-01 13:46:55 +0200 |
---|---|---|
committer | Günther Deschner <gd@samba.org> | 2010-07-01 14:13:16 +0200 |
commit | e4ba8fb3b9a6eebe7a56179f67d1aeff64cf1abc (patch) | |
tree | 7cd97a597bde7803574930b95d808452ad60dd1b | |
parent | 74721bf706371d3fdc5783995a60808763fc7e6d (diff) | |
download | samba-e4ba8fb3b9a6eebe7a56179f67d1aeff64cf1abc.tar.gz samba-e4ba8fb3b9a6eebe7a56179f67d1aeff64cf1abc.tar.bz2 samba-e4ba8fb3b9a6eebe7a56179f67d1aeff64cf1abc.zip |
s3-printing: Fix Bug #7541, %D in "printer admin" causing smbd crash.
Guenther
-rw-r--r-- | source3/printing/nt_printing.c | 3 | ||||
-rw-r--r-- | source3/rpc_server/srv_spoolss_nt.c | 22 |
2 files changed, 17 insertions, 8 deletions
diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 657db56974..9ed6461b27 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -5678,7 +5678,8 @@ bool print_access_check(struct auth_serversupplied_info *server_info, int snum, if (!NT_STATUS_IS_OK(status) && (token_contains_name_in_list(uidtoname(server_info->utok.uid), - NULL, NULL, server_info->ptok, + server_info->info3->base.domain.string, + NULL, server_info->ptok, lp_printer_admin(snum)))) { talloc_destroy(mem_ctx); return True; diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 6fd369562a..c844027382 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -1567,7 +1567,8 @@ WERROR _spoolss_OpenPrinterEx(pipes_struct *p, &se_printop ) && !token_contains_name_in_list( uidtoname(p->server_info->utok.uid), - NULL, NULL, + p->server_info->info3->base.domain.string, + NULL, p->server_info->ptok, lp_printer_admin(snum))) { close_printer_handle(p, r->out.handle); @@ -1863,8 +1864,10 @@ WERROR _spoolss_DeletePrinterDriver(pipes_struct *p, if ( (p->server_info->utok.uid != sec_initial_uid()) && !user_has_privileges(p->server_info->ptok, &se_printop ) && !token_contains_name_in_list( - uidtoname(p->server_info->utok.uid), NULL, - NULL, p->server_info->ptok, + uidtoname(p->server_info->utok.uid), + p->server_info->info3->base.domain.string, + NULL, + p->server_info->ptok, lp_printer_admin(-1)) ) { return WERR_ACCESS_DENIED; @@ -1962,7 +1965,9 @@ WERROR _spoolss_DeletePrinterDriverEx(pipes_struct *p, if ( (p->server_info->utok.uid != sec_initial_uid()) && !user_has_privileges(p->server_info->ptok, &se_printop ) && !token_contains_name_in_list( - uidtoname(p->server_info->utok.uid), NULL, NULL, + uidtoname(p->server_info->utok.uid), + p->server_info->info3->base.domain.string, + NULL, p->server_info->ptok, lp_printer_admin(-1)) ) { return WERR_ACCESS_DENIED; @@ -7825,7 +7830,8 @@ WERROR _spoolss_AddForm(pipes_struct *p, if ((p->server_info->utok.uid != sec_initial_uid()) && !user_has_privileges(p->server_info->ptok, &se_printop) && !token_contains_name_in_list(uidtoname(p->server_info->utok.uid), - NULL, NULL, + p->server_info->info3->base.domain.string, + NULL, p->server_info->ptok, lp_printer_admin(snum))) { DEBUG(2,("_spoolss_Addform: denied by insufficient permissions.\n")); @@ -7924,7 +7930,8 @@ WERROR _spoolss_DeleteForm(pipes_struct *p, if ((p->server_info->utok.uid != sec_initial_uid()) && !user_has_privileges(p->server_info->ptok, &se_printop) && !token_contains_name_in_list(uidtoname(p->server_info->utok.uid), - NULL, NULL, + p->server_info->info3->base.domain.string, + NULL, p->server_info->ptok, lp_printer_admin(snum))) { DEBUG(2,("_spoolss_DeleteForm: denied by insufficient permissions.\n")); @@ -8007,7 +8014,8 @@ WERROR _spoolss_SetForm(pipes_struct *p, if ((p->server_info->utok.uid != sec_initial_uid()) && !user_has_privileges(p->server_info->ptok, &se_printop) && !token_contains_name_in_list(uidtoname(p->server_info->utok.uid), - NULL, NULL, + p->server_info->info3->base.domain.string, + NULL, p->server_info->ptok, lp_printer_admin(snum))) { DEBUG(2,("_spoolss_Setform: denied by insufficient permissions.\n")); |