summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2000-06-23 19:57:42 +0000
committerJeremy Allison <jra@samba.org>2000-06-23 19:57:42 +0000
commita8c21a8e6b747123d9a176a8048f05f68499b463 (patch)
tree11bea88ccd831c8a0c24107ca8fb5b60036a7201 /source3/smbd
parent5dd2bd50768ef57072e27b42faf7790875c7bae8 (diff)
downloadsamba-a8c21a8e6b747123d9a176a8048f05f68499b463.tar.gz
samba-a8c21a8e6b747123d9a176a8048f05f68499b463.tar.bz2
samba-a8c21a8e6b747123d9a176a8048f05f68499b463.zip
Fix a malloc of zero problem.
Jeremy. (This used to be commit 2aa21db960666736331b18956422b7c13aad0f0f)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/sec_ctx.c87
1 files changed, 49 insertions, 38 deletions
diff --git a/source3/smbd/sec_ctx.c b/source3/smbd/sec_ctx.c
index bbd801d76b..f7ea1e2d86 100644
--- a/source3/smbd/sec_ctx.c
+++ b/source3/smbd/sec_ctx.c
@@ -143,6 +143,8 @@ static void get_current_groups(int *ngroups, gid_t **groups)
BOOL push_sec_ctx(void)
{
+ struct sec_ctx *ctx_p;
+
/* Check we don't overflow our stack */
if (sec_ctx_stack_ndx == (MAX_SEC_CTX_DEPTH)) {
@@ -154,20 +156,23 @@ BOOL push_sec_ctx(void)
sec_ctx_stack_ndx++;
- sec_ctx_stack[sec_ctx_stack_ndx].uid = geteuid();
- sec_ctx_stack[sec_ctx_stack_ndx].gid = getegid();
+ ctx_p = &sec_ctx_stack[sec_ctx_stack_ndx];
- sec_ctx_stack[sec_ctx_stack_ndx].ngroups = sys_getgroups(0, NULL);
+ ctx_p->uid = geteuid();
+ ctx_p->gid = getegid();
- if (!(sec_ctx_stack[sec_ctx_stack_ndx].groups =
- malloc(sec_ctx_stack[sec_ctx_stack_ndx].ngroups *
- sizeof(gid_t)))) {
- DEBUG(0, ("Out of memory in push_sec_ctx()\n"));
- return False;
- }
+ ctx_p->ngroups = sys_getgroups(0, NULL);
+
+ if (ctx_p->ngroups != 0) {
+ if (!(ctx_p->groups = malloc(ctx_p->ngroups * sizeof(gid_t)))) {
+ DEBUG(0, ("Out of memory in push_sec_ctx()\n"));
+ return False;
+ }
- sys_getgroups(sec_ctx_stack[sec_ctx_stack_ndx].ngroups,
- sec_ctx_stack[sec_ctx_stack_ndx].groups);
+ sys_getgroups(ctx_p->ngroups, ctx_p->groups);
+ } else {
+ ctx_p->groups = NULL;
+ }
return True;
}
@@ -176,6 +181,8 @@ BOOL push_sec_ctx(void)
void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups)
{
+ struct sec_ctx *ctx_p = &sec_ctx_stack[sec_ctx_stack_ndx];
+
/* Set the security context */
DEBUG(3, ("setting sec ctx (%d, %d)\n", uid, gid));
@@ -186,18 +193,16 @@ void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups)
sys_setgroups(ngroups, groups);
#endif
- sec_ctx_stack[sec_ctx_stack_ndx].ngroups = ngroups;
+ ctx_p->ngroups = ngroups;
- if (sec_ctx_stack[sec_ctx_stack_ndx].groups != NULL)
- free(sec_ctx_stack[sec_ctx_stack_ndx].groups);
+ safe_free(ctx_p->groups);
- sec_ctx_stack[sec_ctx_stack_ndx].groups =
- memdup(groups, sizeof(gid_t) * ngroups);
+ ctx_p->groups = memdup(groups, sizeof(gid_t) * ngroups);
become_id(uid, gid);
- sec_ctx_stack[sec_ctx_stack_ndx].uid = uid;
- sec_ctx_stack[sec_ctx_stack_ndx].gid = gid;
+ ctx_p->uid = uid;
+ ctx_p->gid = gid;
/* Update current_user stuff */
@@ -220,6 +225,9 @@ void set_root_sec_ctx(void)
BOOL pop_sec_ctx(void)
{
+ struct sec_ctx *ctx_p;
+ struct sec_ctx *prev_ctx_p;
+
/* Check for stack underflow */
if (sec_ctx_stack_ndx == 0) {
@@ -227,13 +235,15 @@ BOOL pop_sec_ctx(void)
return False;
}
+ ctx_p = &sec_ctx_stack[sec_ctx_stack_ndx];
+
/* Clear previous user info */
- sec_ctx_stack[sec_ctx_stack_ndx].uid = (uid_t)-1;
- sec_ctx_stack[sec_ctx_stack_ndx].gid = (gid_t)-1;
+ ctx_p->uid = (uid_t)-1;
+ ctx_p->gid = (gid_t)-1;
- safe_free(sec_ctx_stack[sec_ctx_stack_ndx].groups);
- sec_ctx_stack[sec_ctx_stack_ndx].ngroups = 0;
+ safe_free(ctx_p->groups);
+ ctx_p->ngroups = 0;
/* Pop back previous user */
@@ -241,20 +251,20 @@ BOOL pop_sec_ctx(void)
gain_root();
+ prev_ctx_p = &sec_ctx_stack[sec_ctx_stack_ndx];
+
#ifdef HAVE_SETGROUPS
- sys_setgroups(sec_ctx_stack[sec_ctx_stack_ndx].ngroups,
- sec_ctx_stack[sec_ctx_stack_ndx].groups);
+ sys_setgroups(prev_ctx_p->ngroups, prev_ctx_p->groups);
#endif
- become_id(sec_ctx_stack[sec_ctx_stack_ndx].uid,
- sec_ctx_stack[sec_ctx_stack_ndx].gid);
+ become_id(prev_ctx_p->uid, prev_ctx_p->gid);
/* Update current_user stuff */
- current_user.uid = sec_ctx_stack[sec_ctx_stack_ndx].uid;
- current_user.gid = sec_ctx_stack[sec_ctx_stack_ndx].gid;
- current_user.ngroups = sec_ctx_stack[sec_ctx_stack_ndx].ngroups;
- current_user.groups = sec_ctx_stack[sec_ctx_stack_ndx].groups;
+ current_user.uid = prev_ctx_p->uid;
+ current_user.gid = prev_ctx_p->gid;
+ current_user.ngroups = prev_ctx_p->ngroups;
+ current_user.groups = prev_ctx_p->groups;
DEBUG(3, ("popped off to sec ctx (%d, %d)\n", geteuid(), getegid()));
@@ -266,6 +276,7 @@ BOOL pop_sec_ctx(void)
void init_sec_ctx(void)
{
int i;
+ struct sec_ctx *ctx_p;
/* Initialise security context stack */
@@ -277,19 +288,19 @@ void init_sec_ctx(void)
}
/* Initialise first level of stack. It is the current context */
+ ctx_p = &sec_ctx_stack[0];
- sec_ctx_stack[0].uid = geteuid();
- sec_ctx_stack[0].gid = getegid();
+ ctx_p->uid = geteuid();
+ ctx_p->gid = getegid();
- get_current_groups(&sec_ctx_stack[0].ngroups,
- &sec_ctx_stack[0].groups);
+ get_current_groups(&ctx_p->ngroups, &ctx_p->groups);
/* Initialise current_user global */
- current_user.uid = sec_ctx_stack[sec_ctx_stack_ndx].uid;
- current_user.gid = sec_ctx_stack[sec_ctx_stack_ndx].gid;
- current_user.ngroups = sec_ctx_stack[sec_ctx_stack_ndx].ngroups;
- current_user.groups = sec_ctx_stack[sec_ctx_stack_ndx].groups;
+ current_user.uid = ctx_p->uid;
+ current_user.gid = ctx_p->gid;
+ current_user.ngroups = ctx_p->ngroups;
+ current_user.groups = ctx_p->groups;
/* The conn and vuid are usually taken care of by other modules.
We initialise them here. */