diff options
-rw-r--r-- | source3/libnet/libnet_samsync_ldif.c | 7 | ||||
-rw-r--r-- | source3/passdb/passdb.c | 85 |
2 files changed, 67 insertions, 25 deletions
diff --git a/source3/libnet/libnet_samsync_ldif.c b/source3/libnet/libnet_samsync_ldif.c index c72eadf03f..3068f8d3eb 100644 --- a/source3/libnet/libnet_samsync_ldif.c +++ b/source3/libnet/libnet_samsync_ldif.c @@ -586,7 +586,7 @@ static NTSTATUS fetch_account_info_to_ldif(TALLOC_CTX *mem_ctx, uchar zero_buf[16]; uint32 rid = 0, group_rid = 0, gidNumber = 0; time_t unix_time; - int i; + int i, ret; memset(zero_buf, '\0', sizeof(zero_buf)); @@ -660,7 +660,10 @@ static NTSTATUS fetch_account_info_to_ldif(TALLOC_CTX *mem_ctx, return NT_STATUS_UNSUCCESSFUL; } gidNumber = groupmap[i].gidNumber; - snprintf(sambaSID, sizeof(sambaSID), groupmap[i].sambaSID); + ret = snprintf(sambaSID, sizeof(sambaSID), "%s", groupmap[i].sambaSID); + if (ret < 0 || ret == sizeof(sambaSID)) { + return NT_STATUS_UNSUCCESSFUL; + } /* Set up sambaAcctFlags */ flags = pdb_encode_acct_ctrl(r->acct_flags, diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 8367d6a9ad..bb0daaa3f4 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -686,12 +686,16 @@ NTSTATUS local_password_change(const char *user_name, } if (!NT_STATUS_IS_OK(result)) { - asprintf(pp_err_str, "Failed to " "initialize account for user %s: %s\n", - user_name, nt_errstr(result)); + if (asprintf(pp_err_str, "Failed to " "initialize account for user %s: %s\n", + user_name, nt_errstr(result)) < 0) { + *pp_err_str = NULL; + } return result; } } else { - asprintf(pp_err_str, "Failed to find entry for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to find entry for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } return NT_STATUS_NO_SUCH_USER; } } else { @@ -704,19 +708,25 @@ NTSTATUS local_password_change(const char *user_name, other_acb = (pdb_get_acct_ctrl(sam_pass) & (~(ACB_WSTRUST|ACB_DOMTRUST|ACB_SVRTRUST|ACB_NORMAL))); if (local_flags & LOCAL_TRUST_ACCOUNT) { if (!pdb_set_acct_ctrl(sam_pass, ACB_WSTRUST | other_acb, PDB_CHANGED) ) { - asprintf(pp_err_str, "Failed to set 'trusted workstation account' flags for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to set 'trusted workstation account' flags for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_UNSUCCESSFUL; } } else if (local_flags & LOCAL_INTERDOM_ACCOUNT) { if (!pdb_set_acct_ctrl(sam_pass, ACB_DOMTRUST | other_acb, PDB_CHANGED)) { - asprintf(pp_err_str, "Failed to set 'domain trust account' flags for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to set 'domain trust account' flags for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_UNSUCCESSFUL; } } else { if (!pdb_set_acct_ctrl(sam_pass, ACB_NORMAL | other_acb, PDB_CHANGED)) { - asprintf(pp_err_str, "Failed to set 'normal account' flags for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to set 'normal account' flags for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_UNSUCCESSFUL; } @@ -729,13 +739,17 @@ NTSTATUS local_password_change(const char *user_name, if (local_flags & LOCAL_DISABLE_USER) { if (!pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)|ACB_DISABLED, PDB_CHANGED)) { - asprintf(pp_err_str, "Failed to set 'disabled' flag for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to set 'disabled' flag for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_UNSUCCESSFUL; } } else if (local_flags & LOCAL_ENABLE_USER) { if (!pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_DISABLED), PDB_CHANGED)) { - asprintf(pp_err_str, "Failed to unset 'disabled' flag for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to unset 'disabled' flag for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_UNSUCCESSFUL; } @@ -743,7 +757,9 @@ NTSTATUS local_password_change(const char *user_name, if (local_flags & LOCAL_SET_NO_PASSWORD) { if (!pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)|ACB_PWNOTREQ, PDB_CHANGED)) { - asprintf(pp_err_str, "Failed to set 'no password required' flag for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to set 'no password required' flag for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_UNSUCCESSFUL; } @@ -759,19 +775,25 @@ NTSTATUS local_password_change(const char *user_name, */ if ((pdb_get_lanman_passwd(sam_pass)==NULL) && (pdb_get_acct_ctrl(sam_pass)&ACB_DISABLED)) { if (!pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_DISABLED), PDB_CHANGED)) { - asprintf(pp_err_str, "Failed to unset 'disabled' flag for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to unset 'disabled' flag for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_UNSUCCESSFUL; } } if (!pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_PWNOTREQ), PDB_CHANGED)) { - asprintf(pp_err_str, "Failed to unset 'no password required' flag for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to unset 'no password required' flag for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_UNSUCCESSFUL; } if (!pdb_set_plaintext_passwd (sam_pass, new_passwd)) { - asprintf(pp_err_str, "Failed to set password for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to set password for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_UNSUCCESSFUL; } @@ -779,34 +801,51 @@ NTSTATUS local_password_change(const char *user_name, if (local_flags & LOCAL_ADD_USER) { if (NT_STATUS_IS_OK(pdb_add_sam_account(sam_pass))) { - asprintf(pp_msg_str, "Added user %s.\n", user_name); + if (asprintf(pp_msg_str, "Added user %s.\n", user_name) < 0) { + *pp_msg_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_OK; } else { - asprintf(pp_err_str, "Failed to add entry for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to add entry for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_UNSUCCESSFUL; } } else if (local_flags & LOCAL_DELETE_USER) { if (!NT_STATUS_IS_OK(pdb_delete_sam_account(sam_pass))) { - asprintf(pp_err_str, "Failed to delete entry for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to delete entry for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_UNSUCCESSFUL; } - asprintf(pp_msg_str, "Deleted user %s.\n", user_name); + if (asprintf(pp_msg_str, "Deleted user %s.\n", user_name) < 0) { + *pp_msg_str = NULL; + } } else { result = pdb_update_sam_account(sam_pass); if(!NT_STATUS_IS_OK(result)) { - asprintf(pp_err_str, "Failed to modify entry for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to modify entry for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return result; } - if(local_flags & LOCAL_DISABLE_USER) - asprintf(pp_msg_str, "Disabled user %s.\n", user_name); - else if (local_flags & LOCAL_ENABLE_USER) - asprintf(pp_msg_str, "Enabled user %s.\n", user_name); - else if (local_flags & LOCAL_SET_NO_PASSWORD) - asprintf(pp_msg_str, "User %s password set to none.\n", user_name); + if(local_flags & LOCAL_DISABLE_USER) { + if (asprintf(pp_msg_str, "Disabled user %s.\n", user_name) < 0) { + *pp_msg_str = NULL; + } + } else if (local_flags & LOCAL_ENABLE_USER) { + if (asprintf(pp_msg_str, "Enabled user %s.\n", user_name) < 0) { + *pp_msg_str = NULL; + } + } else if (local_flags & LOCAL_SET_NO_PASSWORD) { + if (asprintf(pp_msg_str, "User %s password set to none.\n", user_name) < 0) { + *pp_msg_str = NULL; + } + } } TALLOC_FREE(sam_pass); |