summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2012-05-24 09:08:21 +0200
committerStefan Metzmacher <metze@samba.org>2012-06-21 16:07:15 +0200
commita65173ae68a489875a2758b7e0b5640e9ac412fe (patch)
tree998665a9a78c640acea6c345433968a53b8ae66f
parent2481158a16f530d1f2d7dc64a09d6b9b2ae07045 (diff)
downloadsamba-a65173ae68a489875a2758b7e0b5640e9ac412fe.tar.gz
samba-a65173ae68a489875a2758b7e0b5640e9ac412fe.tar.bz2
samba-a65173ae68a489875a2758b7e0b5640e9ac412fe.zip
s3:winbindd: do not expose negative cache idmap entries as valid mappings (bug #9002)
metze
-rw-r--r--source3/winbindd/winbindd_sids_to_xids.c25
1 files changed, 19 insertions, 6 deletions
diff --git a/source3/winbindd/winbindd_sids_to_xids.c b/source3/winbindd/winbindd_sids_to_xids.c
index aa179b7db0..09d9a9b923 100644
--- a/source3/winbindd/winbindd_sids_to_xids.c
+++ b/source3/winbindd/winbindd_sids_to_xids.c
@@ -240,22 +240,30 @@ NTSTATUS winbindd_sids_to_xids_recv(struct tevent_req *req,
for (i=0; i<state->num_sids; i++) {
char type;
- uint64_t unix_id = (uint64_t)-1;
+ uint32_t unix_id = UINT32_MAX;
bool found = true;
if (state->cached[i].sid != NULL) {
unix_id = state->cached[i].xid.id;
- if (state->cached[i].xid.type == ID_TYPE_UID) {
+
+ switch (state->cached[i].xid.type) {
+ case ID_TYPE_UID:
type = 'U';
- } else {
+ break;
+ case ID_TYPE_GID:
type = 'G';
+ break;
+ case ID_TYPE_BOTH:
+ type = 'B';
+ break;
+ default:
+ found = false;
+ break;
}
} else {
struct unixid id;
+
unix_id = state->ids.ids[num_non_cached].unix_id;
- if (unix_id == -1) {
- found = false;
- }
id.id = unix_id;
id.type = state->ids.ids[num_non_cached].type;
@@ -275,10 +283,15 @@ NTSTATUS winbindd_sids_to_xids_recv(struct tevent_req *req,
break;
default:
found = false;
+ break;
}
num_non_cached += 1;
}
+ if (unix_id == UINT32_MAX) {
+ found = false;
+ }
+
if (found) {
result = talloc_asprintf_append_buffer(
result, "%c%lu\n", type,