diff options
author | Andrew Kroeger <andrew@sprocks.gotdns.com> | 2008-01-18 01:50:33 +0100 |
---|---|---|
committer | Jelmer Vernooij <jelmer@samba.org> | 2008-01-18 03:41:59 +0100 |
commit | 4d8a60f617f941ff6481bcfbac73d7ed69e43daa (patch) | |
tree | 3e1dc32100479edcc6992442309df9a595524fd4 /source4/lib | |
parent | 158a2eed334512c28a7101b3af2c364b4ac1b3fd (diff) | |
download | samba-4d8a60f617f941ff6481bcfbac73d7ed69e43daa.tar.gz samba-4d8a60f617f941ff6481bcfbac73d7ed69e43daa.tar.bz2 samba-4d8a60f617f941ff6481bcfbac73d7ed69e43daa.zip |
When Windows initially creates a new value, the value name is "New Value #1".
The '#' character was causing problems, as it was not being escaped for the dn,
but the failure returned by ldb_dn_add_child_fmt() was not being caught. This
was causing the new value to be added on the parent key, not the current key.
When attempting to delete the new value (now on the parent key) the same
escaping error was returned by ldb_dn_add_child_fmt(), causing the delete to
delete the key and not the value.
When attempting to rename a value, Windows first tries to ensure the new name
does not already exist. When a value does not exist, Windows expects a return
value of WERR_BADFILE, but WERR_NOT_FOUND was being returned instead.
Providing the WERR_BADFILE that Windows expects allows values to be renamed.
(This used to be commit 94fb39cfd967455ce5a554720c1c7e6183f91056)
Diffstat (limited to 'source4/lib')
-rw-r--r-- | source4/lib/registry/ldb.c | 24 |
1 files changed, 22 insertions, 2 deletions
diff --git a/source4/lib/registry/ldb.c b/source4/lib/registry/ldb.c index d87bc6cf8e..884aed1579 100644 --- a/source4/lib/registry/ldb.c +++ b/source4/lib/registry/ldb.c @@ -112,6 +112,16 @@ static struct ldb_message *reg_ldb_pack_value(struct ldb_context *ctx, } +static char *reg_ldb_escape(TALLOC_CTX *mem_ctx, const char *value) +{ + struct ldb_val val; + + val.data = discard_const_p(uint8_t, value); + val.length = strlen(value); + + return ldb_dn_escape_value(mem_ctx, val); +} + static int reg_close_ldb_key(struct ldb_key_data *key) { if (key->subkeys != NULL) { @@ -447,7 +457,12 @@ static WERROR ldb_del_value (struct hive_key *key, const char *child) struct ldb_dn *childdn; childdn = ldb_dn_copy(kd->ldb, kd->dn); - ldb_dn_add_child_fmt(childdn, "value=%s", child); + if (!ldb_dn_add_child_fmt(childdn, "value=%s", + reg_ldb_escape(childdn, child))) + { + talloc_free(childdn); + return WERR_FOOBAR; + } ret = ldb_delete(kd->ldb, childdn); @@ -475,7 +490,12 @@ static WERROR ldb_set_value(struct hive_key *parent, msg = reg_ldb_pack_value(kd->ldb, mem_ctx, name, type, data); msg->dn = ldb_dn_copy(msg, kd->dn); - ldb_dn_add_child_fmt(msg->dn, "value=%s", name); + if (!ldb_dn_add_child_fmt(msg->dn, "value=%s", + reg_ldb_escape(mem_ctx, name))) + { + talloc_free(mem_ctx); + return WERR_FOOBAR; + } ret = ldb_add(kd->ldb, msg); if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) { |