summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/rpc_samr.h16
-rw-r--r--source3/rpc_parse/parse_samr.c120
-rw-r--r--source3/rpc_server/srv_samr_nt.c44
3 files changed, 126 insertions, 54 deletions
diff --git a/source3/include/rpc_samr.h b/source3/include/rpc_samr.h
index 20a4f5b8a0..18b0a8c143 100644
--- a/source3/include/rpc_samr.h
+++ b/source3/include/rpc_samr.h
@@ -816,8 +816,8 @@ typedef struct samr_str_entry_info2
typedef struct sam_entry_info_2
{
- SAM_ENTRY2 sam[MAX_SAM_ENTRIES];
- SAM_STR2 str[MAX_SAM_ENTRIES];
+ SAM_ENTRY2 *sam;
+ SAM_STR2 *str;
} SAM_DISPINFO_2;
@@ -845,8 +845,8 @@ typedef struct samr_str_entry_info3
typedef struct sam_entry_info_3
{
- SAM_ENTRY3 sam[MAX_SAM_ENTRIES];
- SAM_STR3 str[MAX_SAM_ENTRIES];
+ SAM_ENTRY3 *sam;
+ SAM_STR3 *str;
} SAM_DISPINFO_3;
@@ -868,8 +868,8 @@ typedef struct samr_str_entry_info4
typedef struct sam_entry_info_4
{
- SAM_ENTRY4 sam[MAX_SAM_ENTRIES];
- SAM_STR4 str[MAX_SAM_ENTRIES];
+ SAM_ENTRY4 *sam;
+ SAM_STR4 *str;
} SAM_DISPINFO_4;
@@ -891,8 +891,8 @@ typedef struct samr_str_entry_info5
typedef struct sam_entry_info_5
{
- SAM_ENTRY5 sam[MAX_SAM_ENTRIES];
- SAM_STR5 str[MAX_SAM_ENTRIES];
+ SAM_ENTRY5 *sam;
+ SAM_STR5 *str;
} SAM_DISPINFO_5;
diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c
index c4fd679003..b173b34403 100644
--- a/source3/rpc_parse/parse_samr.c
+++ b/source3/rpc_parse/parse_samr.c
@@ -1386,7 +1386,7 @@ BOOL samr_io_q_query_dispinfo(char *desc, SAMR_Q_QUERY_DISPINFO * q_e,
inits a SAM_DISPINFO_1 structure.
********************************************************************/
-void init_sam_dispinfo_1(SAM_DISPINFO_1 * sam, uint32 *num_entries,
+uint32 init_sam_dispinfo_1(TALLOC_CTX *ctx, SAM_DISPINFO_1 *sam, uint32 *num_entries,
uint32 *data_size, uint32 start_idx,
SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES])
{
@@ -1403,7 +1403,19 @@ void init_sam_dispinfo_1(SAM_DISPINFO_1 * sam, uint32 *num_entries,
DEBUG(5, ("init_sam_dispinfo_1: max_entries: %d max_dsize: 0x%x\n",
max_entries, max_data_size));
+ sam->sam=(SAM_ENTRY1 *)talloc(ctx, max_entries*sizeof(SAM_ENTRY1));
+ if (!sam->sam)
+ return NT_STATUS_NO_MEMORY;
+
+ sam->str=(SAM_STR1 *)talloc(ctx, max_entries*sizeof(SAM_STR1));
+ if (!sam->str)
+ return NT_STATUS_NO_MEMORY;
+
+ ZERO_STRUCTP(sam->sam);
+ ZERO_STRUCTP(sam->str);
+
for (i = 0; (i < max_entries) && (dsize < max_data_size); i++) {
+ DEBUG(5, ("init_sam_dispinfo_1: entry: %d\n",i));
len_sam_name = pass[i].uni_user_name.uni_str_len;
len_sam_full = pass[i].uni_full_name.uni_str_len;
len_sam_desc = pass[i].uni_acct_desc.uni_str_len;
@@ -1412,6 +1424,10 @@ void init_sam_dispinfo_1(SAM_DISPINFO_1 * sam, uint32 *num_entries,
len_sam_name, len_sam_full, len_sam_desc,
pass[i].user_rid, pass[i].acb_info);
+ ZERO_STRUCTP(&sam->str[i].uni_acct_name);
+ ZERO_STRUCTP(&sam->str[i].uni_full_name);
+ ZERO_STRUCTP(&sam->str[i].uni_acct_desc);
+
copy_unistr2(&sam->str[i].uni_acct_name, &pass[i].uni_user_name);
copy_unistr2(&sam->str[i].uni_full_name, &pass[i].uni_full_name);
copy_unistr2(&sam->str[i].uni_acct_desc, &pass[i].uni_acct_desc);
@@ -1422,6 +1438,8 @@ void init_sam_dispinfo_1(SAM_DISPINFO_1 * sam, uint32 *num_entries,
*num_entries = i;
*data_size = dsize;
+
+ return NT_STATUS_NO_PROBLEMO;
}
/*******************************************************************
@@ -1477,7 +1495,7 @@ static BOOL sam_io_sam_dispinfo_1(char *desc, SAM_DISPINFO_1 * sam,
inits a SAM_DISPINFO_2 structure.
********************************************************************/
-void init_sam_dispinfo_2(SAM_DISPINFO_2 * sam, uint32 *num_entries,
+uint32 init_sam_dispinfo_2(TALLOC_CTX *ctx, SAM_DISPINFO_2 *sam, uint32 *num_entries,
uint32 *data_size, uint32 start_idx,
SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES])
{
@@ -1493,6 +1511,15 @@ void init_sam_dispinfo_2(SAM_DISPINFO_2 * sam, uint32 *num_entries,
max_entries = *num_entries;
max_data_size = *data_size;
+ if (!(sam->sam=(SAM_ENTRY2 *)talloc(ctx, max_entries*sizeof(SAM_ENTRY2))))
+ return NT_STATUS_NO_MEMORY;
+
+ if (!(sam->str=(SAM_STR2 *)talloc(ctx, max_entries*sizeof(SAM_STR2))))
+ return NT_STATUS_NO_MEMORY;
+
+ ZERO_STRUCTP(sam->sam);
+ ZERO_STRUCTP(sam->str);
+
for (i = 0; (i < max_entries) && (dsize < max_data_size); i++) {
len_sam_name = pass[i].uni_user_name.uni_str_len;
len_sam_desc = pass[i].uni_acct_desc.uni_str_len;
@@ -1501,10 +1528,11 @@ void init_sam_dispinfo_2(SAM_DISPINFO_2 * sam, uint32 *num_entries,
len_sam_name, len_sam_desc,
pass[i].user_rid, pass[i].acb_info);
- copy_unistr2(&sam->str[i].uni_srv_name,
- &pass[i].uni_user_name);
- copy_unistr2(&sam->str[i].uni_srv_desc,
- &pass[i].uni_acct_desc);
+ ZERO_STRUCTP(&sam->str[i].uni_srv_name);
+ ZERO_STRUCTP(&sam->str[i].uni_srv_desc);
+
+ copy_unistr2(&sam->str[i].uni_srv_name, &pass[i].uni_user_name);
+ copy_unistr2(&sam->str[i].uni_srv_desc, &pass[i].uni_acct_desc);
dsize += sizeof(SAM_ENTRY2);
dsize += len_sam_name + len_sam_desc;
@@ -1512,6 +1540,8 @@ void init_sam_dispinfo_2(SAM_DISPINFO_2 * sam, uint32 *num_entries,
*num_entries = i;
*data_size = dsize;
+
+ return NT_STATUS_NO_PROBLEMO;
}
/*******************************************************************
@@ -1554,7 +1584,7 @@ static BOOL sam_io_sam_dispinfo_2(char *desc, SAM_DISPINFO_2 * sam,
inits a SAM_DISPINFO_3 structure.
********************************************************************/
-void init_sam_dispinfo_3(SAM_DISPINFO_3 * sam, uint32 *num_entries,
+uint32 init_sam_dispinfo_3(TALLOC_CTX *ctx, SAM_DISPINFO_3 *sam, uint32 *num_entries,
uint32 *data_size, uint32 start_idx,
DOMAIN_GRP * grp)
{
@@ -1570,6 +1600,15 @@ void init_sam_dispinfo_3(SAM_DISPINFO_3 * sam, uint32 *num_entries,
max_entries = *num_entries;
max_data_size = *data_size;
+ if (!(sam->sam=(SAM_ENTRY3 *)talloc(ctx, max_entries*sizeof(SAM_ENTRY3))))
+ return NT_STATUS_NO_MEMORY;
+
+ if (!(sam->str=(SAM_STR3 *)talloc(ctx, max_entries*sizeof(SAM_STR3))))
+ return NT_STATUS_NO_MEMORY;
+
+ ZERO_STRUCTP(sam->sam);
+ ZERO_STRUCTP(sam->str);
+
for (i = 0; (i < max_entries) && (dsize < max_data_size); i++) {
len_sam_name = strlen(grp[i].name);
len_sam_desc = strlen(grp[i].comment);
@@ -1586,6 +1625,8 @@ void init_sam_dispinfo_3(SAM_DISPINFO_3 * sam, uint32 *num_entries,
*num_entries = i;
*data_size = dsize;
+
+ return NT_STATUS_NO_PROBLEMO;
}
/*******************************************************************
@@ -1628,7 +1669,7 @@ static BOOL sam_io_sam_dispinfo_3(char *desc, SAM_DISPINFO_3 * sam,
inits a SAM_DISPINFO_4 structure.
********************************************************************/
-void init_sam_dispinfo_4(SAM_DISPINFO_4 * sam, uint32 *num_entries,
+uint32 init_sam_dispinfo_4(TALLOC_CTX *ctx, SAM_DISPINFO_4 *sam, uint32 *num_entries,
uint32 *data_size, uint32 start_idx,
SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES])
{
@@ -1645,16 +1686,22 @@ void init_sam_dispinfo_4(SAM_DISPINFO_4 * sam, uint32 *num_entries,
max_entries = *num_entries;
max_data_size = *data_size;
+ if (!(sam->sam=(SAM_ENTRY4 *)talloc(ctx, max_entries*sizeof(SAM_ENTRY4))))
+ return NT_STATUS_NO_MEMORY;
+
+ if (!(sam->str=(SAM_STR4 *)talloc(ctx, max_entries*sizeof(SAM_STR4))))
+ return NT_STATUS_NO_MEMORY;
+
+ ZERO_STRUCTP(sam->sam);
+ ZERO_STRUCTP(sam->str);
+
for (i = 0; (i < max_entries) && (dsize < max_data_size); i++) {
len_sam_name = pass[i].uni_user_name.uni_str_len;
- init_sam_entry4(&sam->sam[i], start_idx + i + 1,
- len_sam_name);
-
- unistr2_to_ascii(sam_name, &pass[i].uni_user_name,
- sizeof(sam_name));
- init_string2(&sam->str[i].acct_name, sam_name,
- len_sam_name);
+ init_sam_entry4(&sam->sam[i], start_idx + i + 1, len_sam_name);
+
+ unistr2_to_ascii(sam_name, &pass[i].uni_user_name, sizeof(sam_name));
+ init_string2(&sam->str[i].acct_name, sam_name, len_sam_name);
dsize += sizeof(SAM_ENTRY4);
dsize += len_sam_name;
@@ -1662,6 +1709,8 @@ void init_sam_dispinfo_4(SAM_DISPINFO_4 * sam, uint32 *num_entries,
*num_entries = i;
*data_size = dsize;
+
+ return NT_STATUS_NO_PROBLEMO;
}
/*******************************************************************
@@ -1705,7 +1754,7 @@ static BOOL sam_io_sam_dispinfo_4(char *desc, SAM_DISPINFO_4 * sam,
inits a SAM_DISPINFO_5 structure.
********************************************************************/
-void init_sam_dispinfo_5(SAM_DISPINFO_5 * sam, uint32 *num_entries,
+uint32 init_sam_dispinfo_5(TALLOC_CTX *ctx, SAM_DISPINFO_5 *sam, uint32 *num_entries,
uint32 *data_size, uint32 start_idx,
DOMAIN_GRP * grp)
{
@@ -1721,14 +1770,20 @@ void init_sam_dispinfo_5(SAM_DISPINFO_5 * sam, uint32 *num_entries,
max_entries = *num_entries;
max_data_size = *data_size;
+ if (!(sam->sam=(SAM_ENTRY5 *)talloc(ctx, max_entries*sizeof(SAM_ENTRY5))))
+ return NT_STATUS_NO_MEMORY;
+
+ if (!(sam->str=(SAM_STR5 *)talloc(ctx, max_entries*sizeof(SAM_STR5))))
+ return NT_STATUS_NO_MEMORY;
+
+ ZERO_STRUCTP(sam->sam);
+ ZERO_STRUCTP(sam->str);
+
for (i = 0; (i < max_entries) && (dsize < max_data_size); i++) {
len_sam_name = strlen(grp[i].name);
- init_sam_entry5(&sam->sam[i], start_idx + i + 1,
- len_sam_name);
-
- init_string2(&sam->str[i].grp_name, grp[i].name,
- len_sam_name);
+ init_sam_entry5(&sam->sam[i], start_idx + i + 1, len_sam_name);
+ init_string2(&sam->str[i].grp_name, grp[i].name, len_sam_name);
dsize += sizeof(SAM_ENTRY5);
dsize += len_sam_name;
@@ -1736,6 +1791,8 @@ void init_sam_dispinfo_5(SAM_DISPINFO_5 * sam, uint32 *num_entries,
*num_entries = i;
*data_size = dsize;
+
+ return NT_STATUS_NO_PROBLEMO;
}
/*******************************************************************
@@ -4302,7 +4359,7 @@ BOOL samr_io_r_query_aliasmem(char *desc, SAMR_R_QUERY_ALIASMEM * r_u,
inits a SAMR_Q_LOOKUP_NAMES structure.
********************************************************************/
-void init_samr_q_lookup_names(TALLOC_CTX *ctx, SAMR_Q_LOOKUP_NAMES * q_u,
+uint32 init_samr_q_lookup_names(TALLOC_CTX *ctx, SAMR_Q_LOOKUP_NAMES * q_u,
POLICY_HND *pol, uint32 flags,
uint32 num_names, char **name)
{
@@ -4317,14 +4374,19 @@ void init_samr_q_lookup_names(TALLOC_CTX *ctx, SAMR_Q_LOOKUP_NAMES * q_u,
q_u->ptr = 0;
q_u->num_names2 = num_names;
- q_u->hdr_name = (UNIHDR *)talloc_zero(ctx, num_names * sizeof(UNIHDR));
- q_u->uni_name = (UNISTR2 *)talloc_zero(ctx, num_names * sizeof(UNISTR2));
+ if (!(q_u->hdr_name = (UNIHDR *)talloc_zero(ctx, num_names * sizeof(UNIHDR))))
+ return NT_STATUS_NO_MEMORY;
+
+ if (!(q_u->uni_name = (UNISTR2 *)talloc_zero(ctx, num_names * sizeof(UNISTR2))))
+ return NT_STATUS_NO_MEMORY;
for (i = 0; i < num_names; i++) {
int len_name = name[i] != NULL ? strlen(name[i]) : 0;
init_uni_hdr(&q_u->hdr_name[i], len_name); /* unicode header for user_name */
init_unistr2(&q_u->uni_name[i], name[i], len_name); /* unicode string for machine account */
}
+
+ return NT_STATUS_NO_PROBLEMO;
}
/*******************************************************************
@@ -4386,7 +4448,7 @@ BOOL samr_io_q_lookup_names(char *desc, SAMR_Q_LOOKUP_NAMES * q_u,
inits a SAMR_R_LOOKUP_NAMES structure.
********************************************************************/
-void init_samr_r_lookup_names(TALLOC_CTX *ctx, SAMR_R_LOOKUP_NAMES * r_u,
+uint32 init_samr_r_lookup_names(TALLOC_CTX *ctx, SAMR_R_LOOKUP_NAMES * r_u,
uint32 num_rids,
uint32 *rid, uint32 *type,
uint32 status)
@@ -4404,8 +4466,10 @@ void init_samr_r_lookup_names(TALLOC_CTX *ctx, SAMR_R_LOOKUP_NAMES * r_u,
r_u->ptr_rids = 1;
r_u->num_rids2 = num_rids;
- r_u->rids = (uint32 *)talloc_zero(ctx, sizeof(uint32)*num_rids);
- r_u->types = (uint32 *)talloc_zero(ctx, sizeof(uint32)*num_rids);
+ if (!(r_u->rids = (uint32 *)talloc_zero(ctx, sizeof(uint32)*num_rids)))
+ return NT_STATUS_NO_MEMORY;
+ if (!(r_u->types = (uint32 *)talloc_zero(ctx, sizeof(uint32)*num_rids)))
+ return NT_STATUS_NO_MEMORY;
if (!r_u->rids || !r_u->types)
goto empty;
@@ -4430,6 +4494,8 @@ void init_samr_r_lookup_names(TALLOC_CTX *ctx, SAMR_R_LOOKUP_NAMES * r_u,
}
r_u->status = status;
+
+ return NT_STATUS_NO_PROBLEMO;
}
/*******************************************************************
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 502774e986..5106271c60 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -770,7 +770,7 @@ static void make_group_sam_entry_list(TALLOC_CTX *ctx, SAM_ENTRY **sam_pp, UNIST
Get the group entries - similar to get_sampwd_entries().
********************************************************************/
-static BOOL get_group_alias_entries(DOMAIN_GRP **d_grp, DOM_SID *sid, uint32 start_idx,
+static BOOL get_group_alias_entries(TALLOC_CTX *ctx, DOMAIN_GRP **d_grp, DOM_SID *sid, uint32 start_idx,
uint32 *p_num_entries, uint32 max_entries)
{
fstring sid_str;
@@ -789,7 +789,7 @@ static BOOL get_group_alias_entries(DOMAIN_GRP **d_grp, DOM_SID *sid, uint32 sta
enum_group_mapping(SID_NAME_WKN_GRP, &map, &num_entries, ENUM_ONLY_MAPPED);
- *d_grp=(DOMAIN_GRP *)malloc(num_entries*sizeof(DOMAIN_GRP));
+ *d_grp=(DOMAIN_GRP *)talloc(ctx, num_entries*sizeof(DOMAIN_GRP));
if (*d_grp==NULL)
return NT_STATUS_NO_MEMORY;
@@ -862,7 +862,7 @@ static BOOL get_group_alias_entries(DOMAIN_GRP **d_grp, DOM_SID *sid, uint32 sta
continue;
}
- *d_grp=Realloc(*d_grp, (num_entries+1)*sizeof(DOMAIN_GRP));
+ *d_grp=talloc_realloc(ctx,*d_grp, (num_entries+1)*sizeof(DOMAIN_GRP));
if (*d_grp==NULL) {
grent_free(glist);
return NT_STATUS_NO_MEMORY;
@@ -885,7 +885,7 @@ static BOOL get_group_alias_entries(DOMAIN_GRP **d_grp, DOM_SID *sid, uint32 sta
Get the group entries - similar to get_sampwd_entries().
********************************************************************/
-static BOOL get_group_domain_entries(DOMAIN_GRP **d_grp, DOM_SID *sid, uint32 start_idx,
+static BOOL get_group_domain_entries(TALLOC_CTX *ctx, DOMAIN_GRP **d_grp, DOM_SID *sid, uint32 start_idx,
uint32 *p_num_entries, uint32 max_entries)
{
GROUP_MAP *map=NULL;
@@ -896,7 +896,7 @@ static BOOL get_group_domain_entries(DOMAIN_GRP **d_grp, DOM_SID *sid, uint32 st
enum_group_mapping(SID_NAME_DOM_GRP, &map, &num_entries, ENUM_ONLY_MAPPED);
- *d_grp=(DOMAIN_GRP *)malloc(num_entries*sizeof(DOMAIN_GRP));
+ *d_grp=(DOMAIN_GRP *)talloc(ctx, num_entries*sizeof(DOMAIN_GRP));
if (*d_grp==NULL)
return False;
@@ -934,7 +934,7 @@ uint32 _samr_enum_dom_groups(pipes_struct *p, SAMR_Q_ENUM_DOM_GROUPS *q_u, SAMR_
DEBUG(5,("samr_reply_enum_dom_groups: %d\n", __LINE__));
/* the domain group array is being allocated in the function below */
- get_group_domain_entries(&grp, &sid, q_u->start_idx, &num_entries, MAX_SAM_ENTRIES);
+ get_group_domain_entries(p->mem_ctx, &grp, &sid, q_u->start_idx, &num_entries, MAX_SAM_ENTRIES);
make_group_sam_entry_list(p->mem_ctx, &r_u->sam, &r_u->uni_grp_name, num_entries, grp);
@@ -967,7 +967,7 @@ uint32 _samr_enum_dom_aliases(pipes_struct *p, SAMR_Q_ENUM_DOM_ALIASES *q_u, SAM
sid_to_string(sid_str, &sid);
DEBUG(5,("samr_reply_enum_dom_aliases: sid %s\n", sid_str));
- if (!get_group_alias_entries(&grp, &sid, q_u->start_idx, &num_entries, MAX_SAM_ENTRIES))
+ if (!get_group_alias_entries(p->mem_ctx, &grp, &sid, q_u->start_idx, &num_entries, MAX_SAM_ENTRIES))
return NT_STATUS_ACCESS_DENIED;
make_group_sam_entry_list(p->mem_ctx, &r_u->sam, &r_u->uni_grp_name, num_entries, grp);
@@ -1042,7 +1042,7 @@ uint32 _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, SAMR_R_
break;
case 0x3:
case 0x5:
- ret = get_group_domain_entries(&grps, &sid, q_u->start_idx, &num_entries, MAX_SAM_ENTRIES);
+ ret = get_group_domain_entries(p->mem_ctx, &grps, &sid, q_u->start_idx, &num_entries, MAX_SAM_ENTRIES);
if (!ret)
return NT_STATUS_ACCESS_DENIED;
break;
@@ -1066,30 +1066,36 @@ uint32 _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, SAMR_R_
data_size = q_u->max_size;
orig_num_entries = num_entries;
- ctr = (SAM_DISPINFO_CTR *)talloc(p->mem_ctx,sizeof(SAM_DISPINFO_CTR));
+ if (!(ctr = (SAM_DISPINFO_CTR *)talloc(p->mem_ctx,sizeof(SAM_DISPINFO_CTR))))
+ return NT_STATUS_NO_MEMORY;
/* Now create reply structure */
switch (q_u->switch_level) {
case 0x1:
- ctr->sam.info1 = (SAM_DISPINFO_1 *)talloc(p->mem_ctx,num_entries*sizeof(SAM_DISPINFO_1));
- init_sam_dispinfo_1(ctr->sam.info1, &num_entries, &data_size, q_u->start_idx, pass);
+ if (!(ctr->sam.info1 = (SAM_DISPINFO_1 *)talloc(p->mem_ctx,sizeof(SAM_DISPINFO_1))))
+ return NT_STATUS_NO_MEMORY;
+ init_sam_dispinfo_1(p->mem_ctx, ctr->sam.info1, &num_entries, &data_size, q_u->start_idx, pass);
break;
case 0x2:
- ctr->sam.info2 = (SAM_DISPINFO_2 *)talloc(p->mem_ctx,num_entries*sizeof(SAM_DISPINFO_2));
- init_sam_dispinfo_2(ctr->sam.info2, &num_entries, &data_size, q_u->start_idx, pass);
+ if (!(ctr->sam.info2 = (SAM_DISPINFO_2 *)talloc(p->mem_ctx,sizeof(SAM_DISPINFO_2))))
+ return NT_STATUS_NO_MEMORY;
+ init_sam_dispinfo_2(p->mem_ctx, ctr->sam.info2, &num_entries, &data_size, q_u->start_idx, pass);
break;
case 0x3:
- ctr->sam.info3 = (SAM_DISPINFO_3 *)talloc(p->mem_ctx,num_entries*sizeof(SAM_DISPINFO_3));
- init_sam_dispinfo_3(ctr->sam.info3, &num_entries, &data_size, q_u->start_idx, grps);
+ if (!(ctr->sam.info3 = (SAM_DISPINFO_3 *)talloc(p->mem_ctx,sizeof(SAM_DISPINFO_3))))
+ return NT_STATUS_NO_MEMORY;
+ init_sam_dispinfo_3(p->mem_ctx, ctr->sam.info3, &num_entries, &data_size, q_u->start_idx, grps);
safe_free(grps);
break;
case 0x4:
- ctr->sam.info4 = (SAM_DISPINFO_4 *)talloc(p->mem_ctx,num_entries*sizeof(SAM_DISPINFO_4));
- init_sam_dispinfo_4(ctr->sam.info4, &num_entries, &data_size, q_u->start_idx, pass);
+ if (!(ctr->sam.info4 = (SAM_DISPINFO_4 *)talloc(p->mem_ctx,sizeof(SAM_DISPINFO_4))))
+ return NT_STATUS_NO_MEMORY;
+ init_sam_dispinfo_4(p->mem_ctx, ctr->sam.info4, &num_entries, &data_size, q_u->start_idx, pass);
break;
case 0x5:
- ctr->sam.info5 = (SAM_DISPINFO_5 *)talloc(p->mem_ctx,num_entries*sizeof(SAM_DISPINFO_5));
- init_sam_dispinfo_5(ctr->sam.info5, &num_entries, &data_size, q_u->start_idx, grps);
+ if (!(ctr->sam.info5 = (SAM_DISPINFO_5 *)talloc(p->mem_ctx,sizeof(SAM_DISPINFO_5))))
+ return NT_STATUS_NO_MEMORY;
+ init_sam_dispinfo_5(p->mem_ctx, ctr->sam.info5, &num_entries, &data_size, q_u->start_idx, grps);
safe_free(grps);
break;
default: