diff options
author | Jeremy Allison <jra@samba.org> | 2006-08-11 18:09:59 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:38:37 -0500 |
commit | 51f6bfea3be59139b4a8b6376efe53eb78ad0abf (patch) | |
tree | cc788733ace4caba0b2c8218859cb4ce991c201b /source3/utils | |
parent | 46e1ce559eb85ac49c3275e12d44b3336e59e937 (diff) | |
download | samba-51f6bfea3be59139b4a8b6376efe53eb78ad0abf.tar.gz samba-51f6bfea3be59139b4a8b6376efe53eb78ad0abf.tar.bz2 samba-51f6bfea3be59139b4a8b6376efe53eb78ad0abf.zip |
r17496: net groupmap add could add uninitialized sid_name_type
entries to the group mapping db. Ensure this can't happen.
Jeremy.
(This used to be commit 2ba0d93d53868c8b28dccf91dfa26e86817da511)
Diffstat (limited to 'source3/utils')
-rw-r--r-- | source3/utils/net_groupmap.c | 37 |
1 files changed, 27 insertions, 10 deletions
diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 86bec385e7..b95e8c65e4 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -188,7 +188,14 @@ static int net_groupmap_add(int argc, const char **argv) uint32 rid = 0; int i; GROUP_MAP map; - + const char *name_type; + + ZERO_STRUCT(map); + + /* Default is domain group. */ + map.sid_name_use = SID_NAME_DOM_GRP; + name_type = "domain group"; + /* get the options */ for ( i=0; i<argc; i++ ) { if ( !StrnCaseCmp(argv[i], "rid", strlen("rid")) ) { @@ -237,15 +244,21 @@ static int net_groupmap_add(int argc, const char **argv) case 'b': case 'B': map.sid_name_use = SID_NAME_WKN_GRP; + name_type = "wellknown group"; break; case 'd': case 'D': map.sid_name_use = SID_NAME_DOM_GRP; + name_type = "domain group"; break; case 'l': case 'L': map.sid_name_use = SID_NAME_ALIAS; + name_type = "alias (local) group"; break; + default: + d_fprintf(stderr, "unknown group type %s\n", type); + return -1; } } else { @@ -316,8 +329,8 @@ static int net_groupmap_add(int argc, const char **argv) return -1; } - d_printf("Successfully added group %s to the mapping db\n", - map.nt_name); + d_printf("Successfully added group %s to the mapping db as a %s\n", + map.nt_name, name_type); return 0; } @@ -413,15 +426,19 @@ static int net_groupmap_modify(int argc, const char **argv) * Allow changing of group type only between domain and local * We disallow changing Builtin groups !!! (SID problem) */ - if (sid_type != SID_NAME_UNKNOWN) { - if (map.sid_name_use == SID_NAME_WKN_GRP) { - d_fprintf(stderr, "You can only change between domain and local groups.\n"); - return -1; - } - - map.sid_name_use=sid_type; + + if (sid_type == SID_NAME_UNKNOWN) { + d_fprintf(stderr, "Can't map to an unknown group type.\n"); + return -1; } + if (map.sid_name_use == SID_NAME_WKN_GRP) { + d_fprintf(stderr, "You can only change between domain and local groups.\n"); + return -1; + } + + map.sid_name_use=sid_type; + /* Change comment if new one */ if ( ntcomment[0] ) fstrcpy( map.comment, ntcomment ); |