summaryrefslogtreecommitdiff
path: root/libcli/security
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2012-11-29 12:33:22 +0100
committerMichael Adam <obnox@samba.org>2012-12-02 22:42:20 +0100
commitcf60338ada9b1685aaa49a41cefbe1e14040a283 (patch)
tree94ac3de11e972e1e574b9fbb00fbd7403398732b /libcli/security
parent8fbe39d5134e136101425f9fc8d3d5080cbe25ba (diff)
downloadsamba-cf60338ada9b1685aaa49a41cefbe1e14040a283.tar.gz
samba-cf60338ada9b1685aaa49a41cefbe1e14040a283.tar.bz2
samba-cf60338ada9b1685aaa49a41cefbe1e14040a283.zip
libcli/security: remove duplicate aces in se_create_child_secdesc()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
Diffstat (limited to 'libcli/security')
-rw-r--r--libcli/security/secdesc.c34
1 files changed, 34 insertions, 0 deletions
diff --git a/libcli/security/secdesc.c b/libcli/security/secdesc.c
index a3db1b6729..d2c5833492 100644
--- a/libcli/security/secdesc.c
+++ b/libcli/security/secdesc.c
@@ -679,6 +679,40 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx,
talloc_free(frame);
+ /*
+ * remove duplicates
+ */
+ for (i=1; i < new_ace_list_ndx;) {
+ struct security_ace *ai = &new_ace_list[i];
+ unsigned int remaining, j;
+ bool remove = false;
+
+ for (j=0; j < i; j++) {
+ struct security_ace *aj = &new_ace_list[j];
+
+ if (!sec_ace_equal(ai, aj)) {
+ continue;
+ }
+
+ remove = true;
+ break;
+ }
+
+ if (!remove) {
+ i++;
+ continue;
+ }
+
+ new_ace_list_ndx--;
+ remaining = new_ace_list_ndx - i;
+ if (remaining == 0) {
+ ZERO_STRUCT(new_ace_list[i]);
+ continue;
+ }
+ memmove(&new_ace_list[i], &new_ace_list[i+1],
+ sizeof(new_ace_list[i]) * remaining);
+ }
+
/* Create child security descriptor to return */
if (new_ace_list_ndx) {
new_dacl = make_sec_acl(ctx,