diff options
author | Günther Deschner <gd@samba.org> | 2009-06-23 11:16:23 +0200 |
---|---|---|
committer | Günther Deschner <gd@samba.org> | 2009-06-23 11:17:50 +0200 |
commit | a6ab195d72ab5b986f278662f1fbbb5d983effec (patch) | |
tree | e85a52d15126b22093523b3c3a3b06b42c60a41e | |
parent | e4dec230e971a761d3ff9a31013f130d55e63fd0 (diff) | |
download | samba-a6ab195d72ab5b986f278662f1fbbb5d983effec.tar.gz samba-a6ab195d72ab5b986f278662f1fbbb5d983effec.tar.bz2 samba-a6ab195d72ab5b986f278662f1fbbb5d983effec.zip |
s3-lsa: Fix error path in _lsa_EnumAccountRights.
This needs to return NT_STATUS_OBJECT_NAME_NOT_FOUND
again as described in MS-LSAD 3.1.4.5.10 and tested with the
RPC-SAMR-USER-PRIVILEGES test.
Guenther
-rw-r--r-- | source3/rpc_server/srv_lsa_nt.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index 8773c29350..3e44c8e777 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -2152,9 +2152,18 @@ NTSTATUS _lsa_EnumAccountRights(pipes_struct *p, sid_copy( &sid, r->in.sid ); - get_privileges_for_sids(&mask, &sid, 1); + /* according to MS-LSAD 3.1.4.5.10 it is required to return + * NT_STATUS_OBJECT_NAME_NOT_FOUND if the account sid was not found in + * the lsa database */ - privilege_set_init( &privileges ); + if (!get_privileges_for_sids(&mask, &sid, 1)) { + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + } + + status = privilege_set_init(&privileges); + if (!NT_STATUS_IS_OK(status)) { + return status; + } se_priv_to_privilege_set(&privileges, &mask); |