diff options
| author | Jeremy Allison <jra@samba.org> | 2006-06-15 01:54:09 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:17:27 -0500 |
| commit | f9147c4e408d316d194c4e367dfccbf433cb8ec9 (patch) | |
| tree | c706add179942ab8c6b54cda49e9b0a47fc69bca /source3/rpc_server | |
| parent | a1e0a0e9286fbe90ca04cda9df38e72d8d18b0c1 (diff) | |
| download | samba-f9147c4e408d316d194c4e367dfccbf433cb8ec9.tar.gz samba-f9147c4e408d316d194c4e367dfccbf433cb8ec9.tar.bz2 samba-f9147c4e408d316d194c4e367dfccbf433cb8ec9.zip | |
r16241: Fix Klocwork #106 and others like it.
Make 2 important changes. pdb_get_methods()
returning NULL is a *fatal* error. Don't try
and cope with it just call smb_panic. This
removes a *lot* of pointless "if (!pdb)" handling
code. Secondly, ensure that if samu_init()
fails we *always* back out of a function. That
way we are never in a situation where the pdb_XXX()
functions need to start with a "if (sampass)"
test - this was just bad design, not defensive
programming.
Jeremy.
(This used to be commit a0d368197d6ae6777b7c2c3c6e970ab8ae7ca2ae)
Diffstat (limited to 'source3/rpc_server')
| -rw-r--r-- | source3/rpc_server/srv_netlog_nt.c | 24 |
1 files changed, 14 insertions, 10 deletions
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index d512115e83..10cd5c82ba 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -238,7 +238,7 @@ static NTSTATUS get_md4pw(char *md4pw, char *mach_acct, uint16 sec_chan_type) ret = pdb_getsampwnam(sampass, mach_acct); unbecome_root(); - if (ret == False) { + if (!ret) { DEBUG(0,("get_md4pw: Workstation %s: no account in domain\n", mach_acct)); TALLOC_FREE(sampass); return NT_STATUS_ACCESS_DENIED; @@ -562,26 +562,30 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET * } /* We must store the creds state after an update. */ + sampass = samu_new( NULL ); + if (!sampass) { + return NT_STATUS_NO_MEMORY; + } + become_root(); secrets_store_schannel_session_info(p->pipe_state_mem_ctx, remote_machine, p->dc); - if ( (sampass = samu_new( NULL )) != NULL ) { - ret = pdb_getsampwnam(sampass, p->dc->mach_acct); - } + ret = pdb_getsampwnam(sampass, p->dc->mach_acct); unbecome_root(); - if ( !sampass ) - return NT_STATUS_NO_MEMORY; + if (!ret) { + TALLOC_FREE(sampass); + return NT_STATUS_ACCESS_DENIED; + } /* Ensure the account exists and is a machine account. */ acct_ctrl = pdb_get_acct_ctrl(sampass); - if (!(ret - && (acct_ctrl & ACB_WSTRUST || + if (!(acct_ctrl & ACB_WSTRUST || acct_ctrl & ACB_SVRTRUST || - acct_ctrl & ACB_DOMTRUST))) { + acct_ctrl & ACB_DOMTRUST)) { TALLOC_FREE(sampass); return NT_STATUS_NO_SUCH_USER; } @@ -626,7 +630,7 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET * } become_root(); - r_u->status = pdb_update_sam_account (sampass); + r_u->status = pdb_update_sam_account(sampass); unbecome_root(); } |