diff options
| author | Stefan Metzmacher <metze@samba.org> | 2012-11-29 12:33:22 +0100 |
|---|---|---|
| committer | Michael Adam <obnox@samba.org> | 2012-12-02 22:42:20 +0100 |
| commit | cf60338ada9b1685aaa49a41cefbe1e14040a283 (patch) | |
| tree | 94ac3de11e972e1e574b9fbb00fbd7403398732b /libcli/security | |
| parent | 8fbe39d5134e136101425f9fc8d3d5080cbe25ba (diff) | |
| download | samba-cf60338ada9b1685aaa49a41cefbe1e14040a283.tar.gz samba-cf60338ada9b1685aaa49a41cefbe1e14040a283.tar.bz2 samba-cf60338ada9b1685aaa49a41cefbe1e14040a283.zip | |
libcli/security: remove duplicate aces in se_create_child_secdesc()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Diffstat (limited to 'libcli/security')
| -rw-r--r-- | libcli/security/secdesc.c | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/libcli/security/secdesc.c b/libcli/security/secdesc.c index a3db1b6729..d2c5833492 100644 --- a/libcli/security/secdesc.c +++ b/libcli/security/secdesc.c @@ -679,6 +679,40 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx, talloc_free(frame); + /* + * remove duplicates + */ + for (i=1; i < new_ace_list_ndx;) { + struct security_ace *ai = &new_ace_list[i]; + unsigned int remaining, j; + bool remove = false; + + for (j=0; j < i; j++) { + struct security_ace *aj = &new_ace_list[j]; + + if (!sec_ace_equal(ai, aj)) { + continue; + } + + remove = true; + break; + } + + if (!remove) { + i++; + continue; + } + + new_ace_list_ndx--; + remaining = new_ace_list_ndx - i; + if (remaining == 0) { + ZERO_STRUCT(new_ace_list[i]); + continue; + } + memmove(&new_ace_list[i], &new_ace_list[i+1], + sizeof(new_ace_list[i]) * remaining); + } + /* Create child security descriptor to return */ if (new_ace_list_ndx) { new_dacl = make_sec_acl(ctx, |