diff options
| author | Simo Sorce <idra@samba.org> | 2002-03-18 23:57:14 +0000 |
|---|---|---|
| committer | Simo Sorce <idra@samba.org> | 2002-03-18 23:57:14 +0000 |
| commit | 32334bc6553c25b706e60a321f9c16f8931f94c1 (patch) | |
| tree | 4b4a57dc2ccdf262c6a9e463d15c07e7ad9fa08c /source3/rpc_server/srv_samr_nt.c | |
| parent | 9fffb0859d07a885278c395a366656f05731235c (diff) | |
| download | samba-32334bc6553c25b706e60a321f9c16f8931f94c1.tar.gz samba-32334bc6553c25b706e60a321f9c16f8931f94c1.tar.bz2 samba-32334bc6553c25b706e60a321f9c16f8931f94c1.zip | |
more verbose checking in talloc and util_pw
fixed tdbsam memory corruption (and segfault)
reducing calls to pdb_uid_to_user_rid and countrary to 0 to move to a non alghoritmic rid allocation with some passdb modules.
(This used to be commit 9836af7cd623357feaec07bc49cfb78f0aa01fc3)
Diffstat (limited to 'source3/rpc_server/srv_samr_nt.c')
| -rw-r--r-- | source3/rpc_server/srv_samr_nt.c | 44 |
1 files changed, 42 insertions, 2 deletions
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index eb8ec16f45..542e4796c2 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -2835,6 +2835,9 @@ NTSTATUS _samr_add_aliasmem(pipes_struct *p, SAMR_Q_ADD_ALIASMEM *q_u, SAMR_R_AD fstring grp_name; uint32 rid; GROUP_MAP map; + NTSTATUS ret; + SAM_ACCOUNT *sam_user; + BOOL check; /* Find the policy handle. Open a policy on it. */ if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &alias_sid)) @@ -2859,7 +2862,23 @@ NTSTATUS _samr_add_aliasmem(pipes_struct *p, SAMR_Q_ADD_ALIASMEM *q_u, SAMR_R_AD } sid_split_rid(&q_u->sid.sid, &rid); - uid=pdb_user_rid_to_uid(rid); + + ret = pdb_init_sam(&sam_user); + if (NT_STATUS_IS_ERR(ret)) + return ret; + + become_root(); + check = pdb_getsampwrid(sam_user, rid); + unbecome_root(); + + if (check != True) + return NT_STATUS_NO_SUCH_USER; + + uid = pdb_get_uid(sam_user); + if (uid == -1) + return NT_STATUS_NO_SUCH_USER; + + pdb_free_sam(&sam_user); if ((pwd=getpwuid(uid)) == NULL) return NT_STATUS_NO_SUCH_USER; @@ -2963,6 +2982,10 @@ NTSTATUS _samr_add_groupmem(pipes_struct *p, SAMR_Q_ADD_GROUPMEM *q_u, SAMR_R_AD struct group *grp; fstring grp_name; GROUP_MAP map; + uid_t uid; + NTSTATUS ret; + SAM_ACCOUNT *sam_user; + BOOL check; /* Find the policy handle. Open a policy on it. */ if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid)) @@ -2979,7 +3002,24 @@ NTSTATUS _samr_add_groupmem(pipes_struct *p, SAMR_Q_ADD_GROUPMEM *q_u, SAMR_R_AD if(!get_domain_group_from_sid(group_sid, &map, MAPPING_WITHOUT_PRIV)) return NT_STATUS_NO_SUCH_GROUP; - if ((pwd=getpwuid(pdb_user_rid_to_uid(q_u->rid))) ==NULL) + ret = pdb_init_sam(&sam_user); + if (NT_STATUS_IS_ERR(ret)) + return ret; + + become_root(); + check = pdb_getsampwrid(sam_user, q_u->rid); + unbecome_root(); + + if (check != True) + return NT_STATUS_NO_SUCH_USER; + + uid = pdb_get_uid(sam_user); + if (uid == -1) + return NT_STATUS_NO_SUCH_USER; + + pdb_free_sam(&sam_user); + + if ((pwd=getpwuid(uid)) == NULL) return NT_STATUS_NO_SUCH_USER; if ((grp=getgrgid(map.gid)) == NULL) |