Remove fstring from map_username. Create a more sane interface than the called-parameter-is-modified.

Jeremy.

4 files changed, 25 insertions, 11 deletions

diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index cbe4d62595..9be2b3b746 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -435,7 +435,7 @@ static bool user_ok(const char *user, int snum)
 			 * around to pass to str_list_sub_basic() */
 
 			if ( invalid && str_list_sub_basic(invalid, "", "") ) {
-				ret = !user_in_list(user,
+				ret = !user_in_list(talloc_tos(), user,
 						    (const char **)invalid);
 			}
 		}
@@ -452,7 +452,7 @@ static bool user_ok(const char *user, int snum)
 			 * around to pass to str_list_sub_basic() */
 
 			if ( valid && str_list_sub_basic(valid, "", "") ) {
-				ret = user_in_list(user,
+				ret = user_in_list(talloc_tos(), user,
 						   (const char **)valid);
 			}
 		}
@@ -465,7 +465,7 @@ static bool user_ok(const char *user, int snum)
 		if (user_list &&
 		    str_list_substitute(user_list, "%S",
 					lp_servicename(snum))) {
-			ret = user_in_list(user,
+			ret = user_in_list(talloc_tos(), user,
 					   (const char **)user_list);
 		}
 		TALLOC_FREE(user_list);
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index ab68cb783e..efe68d7c3f 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -318,13 +318,20 @@ int find_service(fstring service)
 		char *phome_dir = get_user_home_dir(talloc_tos(), service);
 
 		if(!phome_dir) {
+			char *service_out = NULL;
 			/*
 			 * Try mapping the servicename, it may
 			 * be a Windows to unix mapped user name.
 			 */
-			if(map_username(service))
+			if(map_username(talloc_tos(), service, &service_out)) {
+				if (service_out == NULL) {
+					/* Out of memory. */
+					return -1;
+				}
+				fstrcpy(service, service_out);
 				phome_dir = get_user_home_dir(
 					talloc_tos(), service);
+			}
 		}
 
 		DEBUG(3,("checking for home directory %s gave %s\n",service,
@@ -1153,12 +1160,12 @@ connection_struct *make_connection(struct smbd_server_connection *sconn,
 			/* Security = share. Try with
 			 * current_user_info.smb_name as the username.  */
 			if (*current_user_info.smb_name) {
-				fstring unix_username;
-				fstrcpy(unix_username,
-					current_user_info.smb_name);
-				map_username(unix_username);
+				char *unix_username = NULL;
+				(void)map_username(talloc_tos(),
+						current_user_info.smb_name,
+						&unix_username);
 				snum = find_service(unix_username);
-			} 
+			}
 			if (snum != -1) {
 				DEBUG(5, ("making a connection to 'homes' "
 					  "service %s based on "
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index f9e49461cc..12d046038c 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -1546,13 +1546,20 @@ void reply_sesssetup_and_X(struct smb_request *req)
 	reload_services(sconn->msg_ctx, sconn->sock, True);
 
 	if (lp_security() == SEC_SHARE) {
+		char *sub_user_mapped = NULL;
 		/* In share level we should ignore any passwords */
 
 		data_blob_free(&lm_resp);
 		data_blob_free(&nt_resp);
 		data_blob_clear_free(&plaintext_password);
 
-		map_username(sub_user);
+		(void)map_username(talloc_tos(), sub_user, &sub_user_mapped);
+		if (!sub_user_mapped) {
+			reply_nterror(req, NT_STATUS_NO_MEMORY);
+			END_PROFILE(SMBsesssetupX);
+			return;
+		}
+		fstrcpy(sub_user, sub_user_mapped);
 		add_session_user(sconn, sub_user);
 		add_session_workgroup(sconn, domain);
 		/* Then force it to null for the benfit of the code below */
diff --git a/source3/smbd/share_access.c b/source3/smbd/share_access.c
index 387d988a4d..d00616b24e 100644
--- a/source3/smbd/share_access.c
+++ b/source3/smbd/share_access.c
@@ -131,7 +131,7 @@ static bool token_contains_name(TALLOC_CTX *mem_ctx,
 		}
 		if (*prefix == '&') {
 			if (username) {
-				if (user_in_netgroup(username, name)) {
+				if (user_in_netgroup(mem_ctx, username, name)) {
 					return True;
 				}
 			}