summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVolker Lendecke <vlendec@samba.org>2006-03-14 08:27:44 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:15:27 -0500
commit5c1e6f0a9e8aaa5ad5d34062aa6d9f1afafea824 (patch)
tree1fcf4c630105ce1f6cc2cd89cefa30bb616cb2af
parent9c046e7ad91911257f530b7ee2fe416a76a66bb7 (diff)
downloadsamba-5c1e6f0a9e8aaa5ad5d34062aa6d9f1afafea824.tar.gz
samba-5c1e6f0a9e8aaa5ad5d34062aa6d9f1afafea824.tar.bz2
samba-5c1e6f0a9e8aaa5ad5d34062aa6d9f1afafea824.zip
r14367: Not that I fully understand what's going on here, but the code as it was here
was clearly buggy as Coverity showed with bug id #36. According to samba4 idl the sec_desc_buf is [in,out,ref], so we _have_ to ship it in the request. Volker (This used to be commit 075e784491e6f2b491bd063db08ff1267f9cabbb)
-rw-r--r--source3/libmsrpc/cac_winreg.c12
1 files changed, 8 insertions, 4 deletions
diff --git a/source3/libmsrpc/cac_winreg.c b/source3/libmsrpc/cac_winreg.c
index 8c9f06a59b..4f6ae40808 100644
--- a/source3/libmsrpc/cac_winreg.c
+++ b/source3/libmsrpc/cac_winreg.c
@@ -823,7 +823,7 @@ int cac_RegGetKeySecurity(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegG
WERROR err;
uint32 buf_size;
- SEC_DESC_BUF *buf = NULL;
+ SEC_DESC_BUF buf;
if(!hnd)
return CAC_FAILURE;
@@ -844,7 +844,7 @@ int cac_RegGetKeySecurity(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegG
return CAC_FAILURE;
}
- err = rpccli_reg_get_key_sec(pipe_hnd, mem_ctx, op->in.key, op->in.info_type, &buf_size, buf);
+ err = rpccli_reg_get_key_sec(pipe_hnd, mem_ctx, op->in.key, op->in.info_type, &buf_size, &buf);
hnd->status = werror_to_ntstatus(err);
@@ -852,8 +852,12 @@ int cac_RegGetKeySecurity(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegG
return CAC_FAILURE;
}
- op->out.size = buf->len;
- op->out.descriptor = buf->sec;
+ op->out.size = buf.len;
+ op->out.descriptor = dup_sec_desc(mem_ctx, buf.sec);
+
+ if (op->out.descriptor == NULL) {
+ return CAC_FAILURE;
+ }
return CAC_SUCCESS;
}