diff options
author | Stefan Metzmacher <metze@samba.org> | 2012-05-24 09:08:21 +0200 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2012-06-21 16:07:15 +0200 |
commit | a65173ae68a489875a2758b7e0b5640e9ac412fe (patch) | |
tree | 998665a9a78c640acea6c345433968a53b8ae66f | |
parent | 2481158a16f530d1f2d7dc64a09d6b9b2ae07045 (diff) | |
download | samba-a65173ae68a489875a2758b7e0b5640e9ac412fe.tar.gz samba-a65173ae68a489875a2758b7e0b5640e9ac412fe.tar.bz2 samba-a65173ae68a489875a2758b7e0b5640e9ac412fe.zip |
s3:winbindd: do not expose negative cache idmap entries as valid mappings (bug #9002)
metze
-rw-r--r-- | source3/winbindd/winbindd_sids_to_xids.c | 25 |
1 files changed, 19 insertions, 6 deletions
diff --git a/source3/winbindd/winbindd_sids_to_xids.c b/source3/winbindd/winbindd_sids_to_xids.c index aa179b7db0..09d9a9b923 100644 --- a/source3/winbindd/winbindd_sids_to_xids.c +++ b/source3/winbindd/winbindd_sids_to_xids.c @@ -240,22 +240,30 @@ NTSTATUS winbindd_sids_to_xids_recv(struct tevent_req *req, for (i=0; i<state->num_sids; i++) { char type; - uint64_t unix_id = (uint64_t)-1; + uint32_t unix_id = UINT32_MAX; bool found = true; if (state->cached[i].sid != NULL) { unix_id = state->cached[i].xid.id; - if (state->cached[i].xid.type == ID_TYPE_UID) { + + switch (state->cached[i].xid.type) { + case ID_TYPE_UID: type = 'U'; - } else { + break; + case ID_TYPE_GID: type = 'G'; + break; + case ID_TYPE_BOTH: + type = 'B'; + break; + default: + found = false; + break; } } else { struct unixid id; + unix_id = state->ids.ids[num_non_cached].unix_id; - if (unix_id == -1) { - found = false; - } id.id = unix_id; id.type = state->ids.ids[num_non_cached].type; @@ -275,10 +283,15 @@ NTSTATUS winbindd_sids_to_xids_recv(struct tevent_req *req, break; default: found = false; + break; } num_non_cached += 1; } + if (unix_id == UINT32_MAX) { + found = false; + } + if (found) { result = talloc_asprintf_append_buffer( result, "%c%lu\n", type, |