diff options
-rw-r--r-- | source3/printing/nt_printing.c | 21 | ||||
-rw-r--r-- | source3/rpc_parse/parse_prs.c | 3 | ||||
-rw-r--r-- | source3/rpc_parse/parse_sec.c | 17 | ||||
-rw-r--r-- | source3/rpc_server/srv_spoolss_nt.c | 2 | ||||
-rw-r--r-- | source3/smbd/lanman.c | 2 | ||||
-rw-r--r-- | source3/smbd/nttrans.c | 5 | ||||
-rw-r--r-- | source3/smbd/pipes.c | 2 | ||||
-rw-r--r-- | source3/tdb/tdbutil.c | 12 |
8 files changed, 45 insertions, 19 deletions
diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 768e97ffdb..991f66a8ac 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -1465,7 +1465,7 @@ uint32 nt_printing_setsec(char *printername, SEC_DESC_BUF *secdesc_ctr) fstring key; uint32 status; - prs_init(&ps, (uint32)sec_desc_size(secdesc_ctr->sec), 4, MARSHALL); + prs_init(&ps, (uint32)sec_desc_size(secdesc_ctr->sec) + sizeof(SEC_DESC_BUF), 4, MARSHALL); if (!sec_io_desc_buf("nt_printing_setsec", &secdesc_ctr, &ps, 1)) { status = ERROR_INVALID_FUNCTION; @@ -1493,11 +1493,22 @@ uint32 nt_printing_setsec(char *printername, SEC_DESC_BUF *secdesc_ctr) static SEC_DESC_BUF *construct_default_printer_sdb(void) { extern DOM_SID global_sid_World; + SEC_ACE ace; + SEC_ACCESS sa; + SEC_ACL *psa = NULL; SEC_DESC_BUF *sdb = NULL; + SEC_DESC *psd = NULL; size_t sd_size; - SEC_DESC *psd = make_sec_desc(1, SEC_DESC_SELF_RELATIVE|SEC_DESC_DACL_PRESENT, - &global_sid_World, &global_sid_World, - NULL, NULL, &sd_size); + + init_sec_access(&sa,PRINTER_ALL_ACCESS); + init_sec_ace(&ace, &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, sa, 0); + + if ((psa = make_sec_acl( 3, 1, &ace)) != NULL) { + psd = make_sec_desc(1, SEC_DESC_SELF_RELATIVE|SEC_DESC_DACL_PRESENT, + &global_sid_World, &global_sid_World, + NULL, psa, &sd_size); + free_sec_acl(&psa); + } if (!psd) { DEBUG(0,("construct_default_printer_sd: Failed to make SEC_DESC.\n")); @@ -1506,6 +1517,8 @@ static SEC_DESC_BUF *construct_default_printer_sdb(void) sdb = make_sec_desc_buf(sd_size, psd); + DEBUG(4,("construct_default_printer_sdb: size = %u.\n", (unsigned int)sd_size)); + free_sec_desc(&psd); return sdb; } diff --git a/source3/rpc_parse/parse_prs.c b/source3/rpc_parse/parse_prs.c index d277182043..b7fe19f9ab 100644 --- a/source3/rpc_parse/parse_prs.c +++ b/source3/rpc_parse/parse_prs.c @@ -201,6 +201,9 @@ BOOL prs_grow(prs_struct *ps, uint32 extra_space) if(UNMARSHALLING(ps) || !ps->is_dynamic) { DEBUG(0,("prs_grow: Buffer overflow - unable to expand buffer by %u bytes.\n", (unsigned int)extra_space)); + /* JRATEST */ + smb_panic("prs_grow"); + /* JRATEST */ return False; } diff --git a/source3/rpc_parse/parse_sec.c b/source3/rpc_parse/parse_sec.c index 51cf52f706..25450e0b19 100644 --- a/source3/rpc_parse/parse_sec.c +++ b/source3/rpc_parse/parse_sec.c @@ -431,11 +431,16 @@ BOOL sec_io_desc(char *desc, SEC_DESC **ppsd, prs_struct *ps, int depth) psd = *ppsd; - if(UNMARSHALLING(ps) && psd == NULL) { - if((psd = (SEC_DESC *)malloc(sizeof(SEC_DESC))) == NULL) - return False; - ZERO_STRUCTP(psd); - *ppsd = psd; + if (psd == NULL) { + if(UNMARSHALLING(ps)) { + if((psd = (SEC_DESC *)malloc(sizeof(SEC_DESC))) == NULL) + return False; + ZERO_STRUCTP(psd); + *ppsd = psd; + } else { + /* Marshalling - just ignore. */ + return True; + } } prs_debug(ps, depth, desc, "sec_io_desc"); @@ -629,7 +634,7 @@ BOOL sec_io_desc_buf(char *desc, SEC_DESC_BUF **ppsdb, prs_struct *ps, int depth old_offset = prs_offset(ps); /* reading, length is non-zero; writing, descriptor is non-NULL */ - if ((psdb->len != 0 || MARSHALLING(ps)) && psdb->sec != NULL) { + if ((UNMARSHALLING(ps) && psdb->len != 0) || (MARSHALLING(ps) && psdb->sec != NULL)) { if(!sec_io_desc("sec ", &psdb->sec, ps, depth)) return False; } diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index b341dbe12a..e3552c3879 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -1971,6 +1971,8 @@ static BOOL construct_printer_info_3(fstring servername, DEBUG(0,("construct_printer_info_3: malloc fail.\n")); return False; } + + ZERO_STRUCTP(printer); printer->flags = 4; /* This is the offset to the SEC_DESC. */ if (ntprinter->info_2->secdesc_buf->len != 0) { diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index fe2cc3ae7d..cfc0e08d47 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -776,6 +776,7 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, desc.subcount = count; fill_printq_info(conn,snum,uLevel,&desc,count,queue,&status); } else if(uLevel == 0) { +#if 0 /* * This is a *disgusting* hack. * This is *so* bad that even I'm embarrassed (and I @@ -795,6 +796,7 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, */ fail_next_srvsvc_open(); +#endif } *rdata_len = desc.usedlen; diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index e3874e1b3e..aad09a75b6 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -487,6 +487,7 @@ to open_mode %x\n", (unsigned long)desired_access, (unsigned long)share_access, return smb_open_mode; } +#if 0 /* * This is a *disgusting* hack. * This is *so* bad that even I'm embarrassed (and I @@ -547,7 +548,7 @@ BOOL should_fail_next_srvsvc_open(const char *pipename) } return False; } - +#endif /**************************************************************************** Reply to an NT create and X call on a pipe. @@ -573,8 +574,10 @@ static int nt_open_pipe(char *fname, connection_struct *conn, /* Strip \\ off the name. */ fname++; +#if 0 if(should_fail_next_srvsvc_open(fname)) return (ERROR(ERRSRV,ERRaccess)); +#endif DEBUG(3,("nt_open_pipe: Known pipe %s opening.\n", fname)); diff --git a/source3/smbd/pipes.c b/source3/smbd/pipes.c index c1d5c261fe..df7141764c 100644 --- a/source3/smbd/pipes.c +++ b/source3/smbd/pipes.c @@ -74,11 +74,13 @@ int reply_open_pipe_and_X(connection_struct *conn, /* Strip \PIPE\ off the name. */ pstrcpy(fname,smb_buf(inbuf) + PIPELEN); +#if 0 /* * Hack for NT printers... JRA. */ if(should_fail_next_srvsvc_open(fname)) return(ERROR(ERRSRV,ERRaccess)); +#endif /* Known pipes arrive with DIR attribs. Remove it so a regular file */ /* can be opened and add it in after the open. */ diff --git a/source3/tdb/tdbutil.c b/source3/tdb/tdbutil.c index 5675061b37..d2eb6b5ec7 100644 --- a/source3/tdb/tdbutil.c +++ b/source3/tdb/tdbutil.c @@ -258,8 +258,8 @@ int tdb_prs_store(TDB_CONTEXT *tdb, char *keystr, prs_struct *ps) TDB_DATA kbuf, dbuf; kbuf.dptr = keystr; kbuf.dsize = strlen(keystr)+1; - dbuf.dptr = ps->data_p; - dbuf.dsize = ps->data_offset; + dbuf.dptr = prs_data_p(ps); + dbuf.dsize = prs_offset(ps); return tdb_store(tdb, kbuf, dbuf, TDB_REPLACE); } @@ -275,12 +275,8 @@ int tdb_prs_fetch(TDB_CONTEXT *tdb, char *keystr, prs_struct *ps) if (!dbuf.dptr) return -1; ZERO_STRUCTP(ps); - ps->io = UNMARSHALL; - ps->align = 4; - ps->data_p = dbuf.dptr; - ps->data_offset = 0; - ps->buffer_size = dbuf.dsize; - ps->grow_size = dbuf.dsize; + prs_init(ps, 0, 4, UNMARSHALL); + prs_give_memory(ps, dbuf.dptr, dbuf.dsize, True); return 0; } |