s4:dsdb - fix unsigned integer save problems using the "%u" specifier

The issue here is that we have not yet first cast to int32_t explicitly,
before we cast to an signed int to printf() into the %d or cast to a
int64_t before we then cast to a long long to printf into a %lld.

There are *no* unsigned integers in Active Directory LDAP, even the RID
allocations and ms-DS-Secondary-KrbTgt-Number are *signed* quantities.
(See the schema, and the syntax definitions in schema_syntax.c).

The failure has been detected by Matthieu Patou on the buildfarm host "tridge"
due to a malformed "groupType" attribute.

The solution is to use the "%d" specifier. Either to use it directly - or better
(when possible) use the call "samdb_msg_add_uint" (which encapsulates it).

This patch changes such problematic situations.

1 files changed, 12 insertions, 12 deletions

diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index d2339c0e5f..4014ae0742 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -814,8 +814,8 @@ static NTSTATUS add_trust_user(TALLOC_CTX *mem_ctx,
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	ret = ldb_msg_add_fmt(msg, "userAccountControl", "%u",
-			      UF_INTERDOMAIN_TRUST_ACCOUNT);
+	ret = samdb_msg_add_uint(sam_ldb, msg, msg, "userAccountControl",
+				 UF_INTERDOMAIN_TRUST_ACCOUNT);
 	if (ret != LDB_SUCCESS) {
 		return NT_STATUS_NO_MEMORY;
 	}
@@ -1419,6 +1419,7 @@ static NTSTATUS get_tdo(struct ldb_context *sam, TALLOC_CTX *mem_ctx,
 }
 
 static NTSTATUS update_uint32_t_value(TALLOC_CTX *mem_ctx,
+				      struct ldb_context *sam_ldb,
 				      struct ldb_message *orig,
 				      struct ldb_message *dest,
 				      const char *attribute,
@@ -1427,7 +1428,6 @@ static NTSTATUS update_uint32_t_value(TALLOC_CTX *mem_ctx,
 {
 	const struct ldb_val *orig_val;
 	uint32_t orig_uint = 0;
-	char *str_val;
 	int flags = 0;
 	int ret;
 
@@ -1455,11 +1455,7 @@ static NTSTATUS update_uint32_t_value(TALLOC_CTX *mem_ctx,
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	str_val = talloc_asprintf(mem_ctx, "%u", value);
-	if (!str_val) {
-		return NT_STATUS_NO_MEMORY;
-	}
-	ret = ldb_msg_add_steal_string(dest, attribute, str_val);
+	ret = samdb_msg_add_uint(sam_ldb, dest, dest, attribute, value);
 	if (ret != LDB_SUCCESS) {
 		return NT_STATUS_NO_MEMORY;
 	}
@@ -1721,7 +1717,8 @@ static NTSTATUS setInfoTrustedDomain_base(struct dcesrv_call_state *dce_call,
 	msg->dn = dom_msg->dn;
 
 	if (posix_offset) {
-		nt_status = update_uint32_t_value(mem_ctx, dom_msg, msg,
+		nt_status = update_uint32_t_value(mem_ctx, p_state->sam_ldb,
+						  dom_msg, msg,
 						  "trustPosixOffset",
 						  *posix_offset, NULL);
 		if (!NT_STATUS_IS_OK(nt_status)) {
@@ -1735,7 +1732,8 @@ static NTSTATUS setInfoTrustedDomain_base(struct dcesrv_call_state *dce_call,
 		uint32_t tmp;
 		int origtype;
 
-		nt_status = update_uint32_t_value(mem_ctx, dom_msg, msg,
+		nt_status = update_uint32_t_value(mem_ctx, p_state->sam_ldb,
+						  dom_msg, msg,
 						  "trustDirection",
 						  info_ex->trust_direction,
 						  &origdir);
@@ -1766,7 +1764,8 @@ static NTSTATUS setInfoTrustedDomain_base(struct dcesrv_call_state *dce_call,
 			return NT_STATUS_INVALID_PARAMETER;
 		}
 
-		nt_status = update_uint32_t_value(mem_ctx, dom_msg, msg,
+		nt_status = update_uint32_t_value(mem_ctx, p_state->sam_ldb,
+						  dom_msg, msg,
 						  "trustAttributes",
 						  info_ex->trust_attributes,
 						  &origattrs);
@@ -1785,7 +1784,8 @@ static NTSTATUS setInfoTrustedDomain_base(struct dcesrv_call_state *dce_call,
 	}
 
 	if (enc_types) {
-		nt_status = update_uint32_t_value(mem_ctx, dom_msg, msg,
+		nt_status = update_uint32_t_value(mem_ctx, p_state->sam_ldb,
+						  dom_msg, msg,
 						  "msDS-SupportedEncryptionTypes",
 						  *enc_types, NULL);
 		if (!NT_STATUS_IS_OK(nt_status)) {