s3:auth: fix dereference level in talloc checks in create_token_from_sid()

Commit c5b150b33fc54ed97dbd0736cc6f4c15977d6e70 introduced these checks.
The current check "found_username == NULL" is wrong (we would segfault earlier
in this case). We need to check *found_username == NULL instead as
noted by Günter.

Reported-by: Günter Kukkukk <linux@kukkukk.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

1 files changed, 2 insertions, 2 deletions

diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c
index 8a73a7198f..9b740b7bc9 100644
--- a/source3/auth/token_util.c
+++ b/source3/auth/token_util.c
@@ -610,7 +610,7 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx,
 		*found_username = talloc_strdup(mem_ctx,
 						pdb_get_username(sam_acct));
 
-		if (found_username == NULL) {
+		if (*found_username == NULL) {
 			result = NT_STATUS_NO_MEMORY;
 			goto done;
 		}
@@ -705,7 +705,7 @@ static NTSTATUS create_token_from_sid(TALLOC_CTX *mem_ctx,
 
 		/* Ensure we're returning the found_username on the right context. */
 		*found_username = talloc_strdup(mem_ctx, pass->pw_name);
-		if (found_username == NULL) {
+		if (*found_username == NULL) {
 			result = NT_STATUS_NO_MEMORY;
 			goto done;
 		}