diff options
| -rw-r--r-- | source3/auth/auth_server.c | 9 | ||||
| -rw-r--r-- | source3/auth/auth_util.c | 87 | ||||
| -rw-r--r-- | source3/auth/user_krb5.c | 35 | ||||
| -rw-r--r-- | source3/auth/user_util.c | 101 | ||||
| -rw-r--r-- | source3/include/proto.h | 8 | ||||
| -rw-r--r-- | source3/rpc_server/srv_samr_nt.c | 33 | ||||
| -rw-r--r-- | source3/smbd/password.c | 6 | ||||
| -rw-r--r-- | source3/smbd/service.c | 19 | ||||
| -rw-r--r-- | source3/smbd/sesssetup.c | 9 | ||||
| -rw-r--r-- | source3/smbd/share_access.c | 2 |
10 files changed, 208 insertions, 101 deletions
diff --git a/source3/auth/auth_server.c b/source3/auth/auth_server.c index 4ce0336ccc..ac757d5a35 100644 --- a/source3/auth/auth_server.c +++ b/source3/auth/auth_server.c @@ -429,14 +429,15 @@ use this machine as the password server.\n")); cli_ulogoff(cli); if (NT_STATUS_IS_OK(nt_status)) { - fstring real_username; - struct passwd *pass; + char *real_username = NULL; + struct passwd *pass = NULL; - if ( (pass = smb_getpwnam( NULL, user_info->mapped.account_name, - real_username, True )) != NULL ) + if ( (pass = smb_getpwnam(talloc_tos(), user_info->mapped.account_name, + &real_username, True )) != NULL ) { nt_status = make_server_info_pw(server_info, pass->pw_name, pass); TALLOC_FREE(pass); + TALLOC_FREE(real_username); } else { diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 2fcee89bbb..c319edf57f 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -96,9 +96,12 @@ NTSTATUS make_user_info_map(struct auth_usersupplied_info **user_info, const char *domain; NTSTATUS result; bool was_mapped; - fstring internal_username; - fstrcpy(internal_username, smb_name); - was_mapped = map_username(internal_username); + char *internal_username = NULL; + + was_mapped = map_username(talloc_tos(), smb_name, &internal_username); + if (!internal_username) { + return NT_STATUS_NO_MEMORY; + } DEBUG(5, ("Mapping user [%s]\\[%s] from workstation [%s]\n", client_domain, smb_name, workstation_name)); @@ -974,27 +977,45 @@ static NTSTATUS check_account(TALLOC_CTX *mem_ctx, const char *domain, struct passwd **pwd, bool *username_was_mapped) { - fstring dom_user, lower_username; - fstring real_username; + char *orig_dom_user = NULL; + char *dom_user = NULL; + char *lower_username = NULL; + char *real_username = NULL; struct passwd *passwd; - fstrcpy( lower_username, username ); + lower_username = talloc_strdup(mem_ctx, username); + if (!lower_username) { + return NT_STATUS_NO_MEMORY; + } strlower_m( lower_username ); - fstr_sprintf(dom_user, "%s%c%s", domain, *lp_winbind_separator(), - lower_username); + orig_dom_user = talloc_asprintf(mem_ctx, + "%s%c%s", + domain, + *lp_winbind_separator(), + lower_username); + if (!orig_dom_user) { + return NT_STATUS_NO_MEMORY; + } /* Get the passwd struct. Try to create the account if necessary. */ - *username_was_mapped = map_username(dom_user); + *username_was_mapped = map_username(mem_ctx, orig_dom_user, &dom_user); + if (!dom_user) { + return NT_STATUS_NO_MEMORY; + } - passwd = smb_getpwnam( NULL, dom_user, real_username, True ); + passwd = smb_getpwnam(mem_ctx, dom_user, &real_username, True ); if (!passwd) { DEBUG(3, ("Failed to find authenticated user %s via " "getpwnam(), denying access.\n", dom_user)); return NT_STATUS_NO_SUCH_USER; } + if (!real_username) { + return NT_STATUS_NO_MEMORY; + } + *pwd = passwd; /* This is pointless -- there is no suport for differing @@ -1015,31 +1036,31 @@ static NTSTATUS check_account(TALLOC_CTX *mem_ctx, const char *domain, ****************************************************************************/ struct passwd *smb_getpwnam( TALLOC_CTX *mem_ctx, const char *domuser, - fstring save_username, bool create ) + char **p_save_username, bool create ) { struct passwd *pw = NULL; - char *p; - fstring username; + char *p = NULL; + char *username = NULL; /* we only save a copy of the username it has been mangled by winbindd use default domain */ - - save_username[0] = '\0'; + *p_save_username = NULL; /* don't call map_username() here since it has to be done higher up the stack so we don't call it multiple times */ - fstrcpy( username, domuser ); + username = talloc_strdup(mem_ctx, domuser); + if (!username) { + return NULL; + } p = strchr_m( username, *lp_winbind_separator() ); /* code for a DOMAIN\user string */ if ( p ) { - fstring strip_username; - pw = Get_Pwnam_alloc( mem_ctx, domuser ); - if ( pw ) { + if ( pw ) { /* make sure we get the case of the username correct */ /* work around 'winbind use default domain = yes' */ @@ -1050,12 +1071,20 @@ struct passwd *smb_getpwnam( TALLOC_CTX *mem_ctx, const char *domuser, *p = '\0'; domain = username; - fstr_sprintf(save_username, "%s%c%s", domain, *lp_winbind_separator(), pw->pw_name); + *p_save_username = talloc_asprintf(mem_ctx, + "%s%c%s", + domain, + *lp_winbind_separator(), + pw->pw_name); + if (!*p_save_username) { + TALLOC_FREE(pw); + return NULL; + } + } else { + *p_save_username = talloc_strdup(mem_ctx, pw->pw_name); } - else - fstrcpy( save_username, pw->pw_name ); - /* whew -- done! */ + /* whew -- done! */ return pw; } @@ -1063,8 +1092,10 @@ struct passwd *smb_getpwnam( TALLOC_CTX *mem_ctx, const char *domuser, /* remember that p and username are overlapping memory */ p++; - fstrcpy( strip_username, p ); - fstrcpy( username, strip_username ); + username = talloc_strdup(mem_ctx, p); + if (!username) { + return NULL; + } } /* just lookup a plain username */ @@ -1087,9 +1118,9 @@ struct passwd *smb_getpwnam( TALLOC_CTX *mem_ctx, const char *domuser, /* one last check for a valid passwd struct */ - if ( pw ) - fstrcpy( save_username, pw->pw_name ); - + if (pw) { + *p_save_username = talloc_strdup(mem_ctx, pw->pw_name); + } return pw; } diff --git a/source3/auth/user_krb5.c b/source3/auth/user_krb5.c index 9d6b6a445b..50716fd56b 100644 --- a/source3/auth/user_krb5.c +++ b/source3/auth/user_krb5.c @@ -40,8 +40,8 @@ NTSTATUS get_user_from_kerberos_info(TALLOC_CTX *mem_ctx, char *realm = NULL; char *user = NULL; char *p; - fstring fuser; - fstring unixuser; + char *fuser = NULL; + char *unixuser = NULL; struct passwd *pw = NULL; DEBUG(3, ("Kerberos ticket principal name is [%s]\n", princ_name)); @@ -109,13 +109,25 @@ NTSTATUS get_user_from_kerberos_info(TALLOC_CTX *mem_ctx, DEBUG(10, ("Domain is [%s] (using Winbind)\n", domain)); } - /* We have to use fstring for this - map_username requires it. */ - fstr_sprintf(fuser, "%s%c%s", domain, *lp_winbind_separator(), user); + fuser = talloc_asprintf(mem_ctx, + "%s%c%s", + domain, + *lp_winbind_separator(), + user); + if (!fuser) { + return NT_STATUS_NO_MEMORY; + } - *is_mapped = map_username(fuser); + *is_mapped = map_username(mem_ctx, fuser, &fuser); + if (!fuser) { + return NT_STATUS_NO_MEMORY; + } - pw = smb_getpwnam(mem_ctx, fuser, unixuser, true); + pw = smb_getpwnam(mem_ctx, fuser, &unixuser, true); if (pw) { + if (!unixuser) { + return NT_STATUS_NO_MEMORY; + } /* if a real user check pam account restrictions */ /* only really perfomed if "obey pam restriction" is true */ /* do this before an eventual mapping to guest occurs */ @@ -134,8 +146,11 @@ NTSTATUS get_user_from_kerberos_info(TALLOC_CTX *mem_ctx, if (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_UID) { *mapped_to_guest = true; - fstrcpy(fuser, lp_guestaccount()); - pw = smb_getpwnam(mem_ctx, fuser, unixuser, true); + fuser = talloc_strdup(mem_ctx, lp_guestaccount()); + if (!fuser) { + return NT_STATUS_NO_MEMORY; + } + pw = smb_getpwnam(mem_ctx, fuser, &unixuser, true); } /* extra sanity check that the guest account is valid */ @@ -146,6 +161,10 @@ NTSTATUS get_user_from_kerberos_info(TALLOC_CTX *mem_ctx, } } + if (!unixuser) { + return NT_STATUS_NO_MEMORY; + } + *username = talloc_strdup(mem_ctx, unixuser); if (!*username) { return NT_STATUS_NO_MEMORY; diff --git a/source3/auth/user_util.c b/source3/auth/user_util.c index 3d7123c18e..9ae81fdec8 100644 --- a/source3/auth/user_util.c +++ b/source3/auth/user_util.c @@ -78,7 +78,9 @@ static char *skip_space(char *s) return s; } -static bool fetch_map_from_gencache(fstring user) +static bool fetch_map_from_gencache(TALLOC_CTX *ctx, + const char *user_in, + char **p_user_out) { char *key, *value; bool found; @@ -87,8 +89,8 @@ static bool fetch_map_from_gencache(fstring user) return false; } - key = talloc_asprintf_strupper_m(talloc_tos(), "USERNAME_MAP/%s", - user); + key = talloc_asprintf_strupper_m(ctx, "USERNAME_MAP/%s", + user_in); if (key == NULL) { return false; } @@ -97,12 +99,15 @@ static bool fetch_map_from_gencache(fstring user) if (!found) { return false; } - fstrcpy(user, value); - SAFE_FREE(value); + TALLOC_FREE(*p_user_out); + *p_user_out = talloc_strdup(ctx, value); + if (!*p_user_out) { + return false; + } return true; } -static void store_map_in_gencache(const char *from, const char *to) +static void store_map_in_gencache(TALLOC_CTX *ctx, const char *from, const char *to) { char *key; int cache_time = lp_username_map_cache_time(); @@ -111,7 +116,7 @@ static void store_map_in_gencache(const char *from, const char *to) return; } - key = talloc_asprintf_strupper_m(talloc_tos(), "USERNAME_MAP/%s", + key = talloc_asprintf_strupper_m(ctx, "USERNAME_MAP/%s", from); if (key == NULL) { return; @@ -125,11 +130,11 @@ static void store_map_in_gencache(const char *from, const char *to) try lower case. ****************************************************************************/ -bool user_in_netgroup(const char *user, const char *ngname) +bool user_in_netgroup(TALLOC_CTX *ctx, const char *user, const char *ngname) { #ifdef HAVE_NETGROUP static char *my_yp_domain = NULL; - fstring lowercase_user; + char *lowercase_user = NULL; if (my_yp_domain == NULL) { yp_get_default_domain(&my_yp_domain); @@ -152,7 +157,10 @@ bool user_in_netgroup(const char *user, const char *ngname) * Ok, innetgr is case sensitive. Try once more with lowercase * just in case. Attempt to fix #703. JRA. */ - fstrcpy(lowercase_user, user); + lowercase_user = talloc_strdup(ctx, user); + if (!lowercase_user) { + return false; + } strlower_m(lowercase_user); if (strcmp(user,lowercase_user) == 0) { @@ -176,7 +184,7 @@ bool user_in_netgroup(const char *user, const char *ngname) and netgroup lists. ****************************************************************************/ -bool user_in_list(const char *user,const char **list) +bool user_in_list(TALLOC_CTX *ctx, const char *user,const char **list) { if (!list || !*list) return False; @@ -204,7 +212,7 @@ bool user_in_list(const char *user,const char **list) * Old behaviour. Check netgroup list * followed by UNIX list. */ - if(user_in_netgroup(user, *list +1)) + if(user_in_netgroup(ctx, user, *list +1)) return True; if(user_in_group(user, *list +1)) return True; @@ -216,7 +224,7 @@ bool user_in_list(const char *user,const char **list) */ if(user_in_group(user, *list +2)) return True; - if(user_in_netgroup(user, *list +2)) + if(user_in_netgroup(ctx, user, *list +2)) return True; } else { @@ -235,7 +243,7 @@ bool user_in_list(const char *user,const char **list) /* * Search netgroup list followed by UNIX list. */ - if(user_in_netgroup(user, *list +2)) + if(user_in_netgroup(ctx, user, *list +2)) return True; if(user_in_group(user, *list +2)) return True; @@ -243,7 +251,7 @@ bool user_in_list(const char *user,const char **list) /* * Just search netgroup list. */ - if(user_in_netgroup(user, *list +1)) + if(user_in_netgroup(ctx, user, *list +1)) return True; } } @@ -253,7 +261,7 @@ bool user_in_list(const char *user,const char **list) return(False); } -bool map_username(fstring user) +bool map_username(TALLOC_CTX *ctx, const char *user_in, char **p_user_out) { XFILE *f; char *mapfile = lp_username_map(); @@ -262,19 +270,28 @@ bool map_username(fstring user) bool mapped_user = False; char *cmd = lp_username_map_script(); - if (!*user) + *p_user_out = NULL; + + if (!user_in) + return false; + + /* Initially make a copy of the incoming name. */ + *p_user_out = talloc_strdup(ctx, user_in); + if (!*p_user_out) { return false; + } - if (strequal(user,get_last_to())) + if (strequal(user_in,get_last_to())) return false; - if (strequal(user,get_last_from())) { - DEBUG(3,("Mapped user %s to %s\n",user,get_last_to())); - fstrcpy(user,get_last_to()); + if (strequal(user_in,get_last_from())) { + DEBUG(3,("Mapped user %s to %s\n",user_in,get_last_to())); + TALLOC_FREE(*p_user_out); + *p_user_out = talloc_strdup(ctx, get_last_to()); return true; } - if (fetch_map_from_gencache(user)) { + if (fetch_map_from_gencache(ctx, user_in, p_user_out)) { return true; } @@ -285,10 +302,10 @@ bool map_username(fstring user) char *command = NULL; int numlines, ret, fd; - command = talloc_asprintf(talloc_tos(), + command = talloc_asprintf(ctx, "%s \"%s\"", cmd, - user); + user_in); if (!command) { return false; } @@ -306,17 +323,21 @@ bool map_username(fstring user) } numlines = 0; - qlines = fd_lines_load(fd, &numlines, 0, talloc_tos()); + qlines = fd_lines_load(fd, &numlines, 0, ctx); DEBUGADD(10,("Lines returned = [%d]\n", numlines)); close(fd); /* should be either no lines or a single line with the mapped username */ if (numlines && qlines) { - DEBUG(3,("Mapped user %s to %s\n", user, qlines[0] )); - set_last_from_to(user, qlines[0]); - store_map_in_gencache(user, qlines[0]); - fstrcpy( user, qlines[0] ); + DEBUG(3,("Mapped user %s to %s\n", user_in, qlines[0] )); + set_last_from_to(user_in, qlines[0]); + store_map_in_gencache(ctx, user_in, qlines[0]); + TALLOC_FREE(*p_user_out); + *p_user_out = talloc_strdup(ctx, qlines[0]); + if (!*p_user_out) { + return false; + } } TALLOC_FREE(qlines); @@ -367,20 +388,26 @@ bool map_username(fstring user) /* skip lines like 'user = ' */ - dosuserlist = str_list_make_v3(talloc_tos(), dosname, NULL); + dosuserlist = str_list_make_v3(ctx, dosname, NULL); if (!dosuserlist) { DEBUG(0,("Bad username map entry. Unable to build user list. Ignoring.\n")); continue; } if (strchr_m(dosname,'*') || - user_in_list(user, (const char **)dosuserlist)) { - DEBUG(3,("Mapped user %s to %s\n",user,unixname)); + user_in_list(ctx, user_in, (const char **)dosuserlist)) { + DEBUG(3,("Mapped user %s to %s\n",user_in,unixname)); mapped_user = True; - set_last_from_to(user, unixname); - store_map_in_gencache(user, unixname); - fstrcpy( user, unixname ); + set_last_from_to(user_in, unixname); + store_map_in_gencache(ctx, user_in, unixname); + TALLOC_FREE(*p_user_out); + *p_user_out = talloc_strdup(ctx, unixname); + if (!*p_user_out) { + TALLOC_FREE(dosuserlist); + x_fclose(f); + return false; + } if ( return_if_mapped ) { TALLOC_FREE(dosuserlist); @@ -399,8 +426,8 @@ bool map_username(fstring user) * that we don't scan the file again for the same user. */ - set_last_from_to(user, user); - store_map_in_gencache(user, user); + set_last_from_to(user_in, user_in); + store_map_in_gencache(ctx, user_in, user_in); return mapped_user; } diff --git a/source3/include/proto.h b/source3/include/proto.h index 6e14c33272..3cae5ec94b 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -153,7 +153,7 @@ NTSTATUS make_server_info_system(TALLOC_CTX *mem_ctx, const struct auth_serversupplied_info *get_server_info_system(void); bool copy_current_user(struct current_user *dst, struct current_user *src); struct passwd *smb_getpwnam( TALLOC_CTX *mem_ctx, const char *domuser, - fstring save_username, bool create ); + char **p_save_username, bool create ); NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx, const char *sent_nt_username, const char *domain, @@ -4777,7 +4777,7 @@ const struct mangle_fns *posix_mangle_init(void); /* The following definitions come from auth/user_util.c */ -bool map_username(fstring user); +bool map_username(TALLOC_CTX *ctx, const char *user_in, char **p_user_out); /* The following definitions come from auth/user_krb5.c */ struct PAC_LOGON_INFO; @@ -5081,8 +5081,8 @@ void add_session_user(struct smbd_server_connection *sconn, const char *user); void add_session_workgroup(struct smbd_server_connection *sconn, const char *workgroup); const char *get_session_workgroup(struct smbd_server_connection *sconn); -bool user_in_netgroup(const char *user, const char *ngname); -bool user_in_list(const char *user,const char **list); +bool user_in_netgroup(TALLOC_CTX *ctx, const char *user, const char *ngname); +bool user_in_list(TALLOC_CTX *ctx, const char *user,const char **list); bool authorise_login(struct smbd_server_connection *sconn, int snum, fstring user, DATA_BLOB password, bool *guest); diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index a04584e7c1..116d529025 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -1933,12 +1933,14 @@ NTSTATUS _samr_ChangePasswordUser2(struct pipes_struct *p, struct samr_ChangePasswordUser2 *r) { NTSTATUS status; - fstring user_name; + char *user_name = NULL; fstring wks; DEBUG(5,("_samr_ChangePasswordUser2: %d\n", __LINE__)); - fstrcpy(user_name, r->in.account->string); + if (!r->in.account->string) { + return NT_STATUS_INVALID_PARAMETER; + } fstrcpy(wks, r->in.server->string); DEBUG(5,("_samr_ChangePasswordUser2: user: %s wks: %s\n", user_name, wks)); @@ -1948,7 +1950,10 @@ NTSTATUS _samr_ChangePasswordUser2(struct pipes_struct *p, * function. */ - (void)map_username(user_name); + (void)map_username(talloc_tos(), r->in.account->string, &user_name); + if (!user_name) { + return NT_STATUS_NO_MEMORY; + } /* * UNIX username case mangling not required, pass_oem_change @@ -1980,12 +1985,14 @@ NTSTATUS _samr_OemChangePasswordUser2(struct pipes_struct *p, struct samr_OemChangePasswordUser2 *r) { NTSTATUS status; - fstring user_name; + char *user_name = NULL; const char *wks = NULL; DEBUG(5,("_samr_OemChangePasswordUser2: %d\n", __LINE__)); - fstrcpy(user_name, r->in.account->string); + if (!r->in.account->string) { + return NT_STATUS_INVALID_PARAMETER; + } if (r->in.server && r->in.server->string) { wks = r->in.server->string; } @@ -1997,7 +2004,10 @@ NTSTATUS _samr_OemChangePasswordUser2(struct pipes_struct *p, * function. */ - (void)map_username(user_name); + (void)map_username(talloc_tos(), r->in.account->string, &user_name); + if (!user_name) { + return NT_STATUS_NO_MEMORY; + } /* * UNIX username case mangling not required, pass_oem_change @@ -2033,7 +2043,7 @@ NTSTATUS _samr_ChangePasswordUser3(struct pipes_struct *p, struct samr_ChangePasswordUser3 *r) { NTSTATUS status; - fstring user_name; + char *user_name = NULL; const char *wks = NULL; enum samPwdChangeReason reject_reason; struct samr_DomInfo1 *dominfo = NULL; @@ -2042,7 +2052,9 @@ NTSTATUS _samr_ChangePasswordUser3(struct pipes_struct *p, DEBUG(5,("_samr_ChangePasswordUser3: %d\n", __LINE__)); - fstrcpy(user_name, r->in.account->string); + if (!r->in.account->string) { + return NT_STATUS_INVALID_PARAMETER; + } if (r->in.server && r->in.server->string) { wks = r->in.server->string; } @@ -2054,7 +2066,10 @@ NTSTATUS _samr_ChangePasswordUser3(struct pipes_struct *p, * function. */ - (void)map_username(user_name); + (void)map_username(talloc_tos(), r->in.account->string, &user_name); + if (!user_name) { + return NT_STATUS_NO_MEMORY; + } /* * UNIX username case mangling not required, pass_oem_change diff --git a/source3/smbd/password.c b/source3/smbd/password.c index cbe4d62595..9be2b3b746 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -435,7 +435,7 @@ static bool user_ok(const char *user, int snum) * around to pass to str_list_sub_basic() */ if ( invalid && str_list_sub_basic(invalid, "", "") ) { - ret = !user_in_list(user, + ret = !user_in_list(talloc_tos(), user, (const char **)invalid); } } @@ -452,7 +452,7 @@ static bool user_ok(const char *user, int snum) * around to pass to str_list_sub_basic() */ if ( valid && str_list_sub_basic(valid, "", "") ) { - ret = user_in_list(user, + ret = user_in_list(talloc_tos(), user, (const char **)valid); } } @@ -465,7 +465,7 @@ static bool user_ok(const char *user, int snum) if (user_list && str_list_substitute(user_list, "%S", lp_servicename(snum))) { - ret = user_in_list(user, + ret = user_in_list(talloc_tos(), user, (const char **)user_list); } TALLOC_FREE(user_list); diff --git a/source3/smbd/service.c b/source3/smbd/service.c index ab68cb783e..efe68d7c3f 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -318,13 +318,20 @@ int find_service(fstring service) char *phome_dir = get_user_home_dir(talloc_tos(), service); if(!phome_dir) { + char *service_out = NULL; /* * Try mapping the servicename, it may * be a Windows to unix mapped user name. */ - if(map_username(service)) + if(map_username(talloc_tos(), service, &service_out)) { + if (service_out == NULL) { + /* Out of memory. */ + return -1; + } + fstrcpy(service, service_out); phome_dir = get_user_home_dir( talloc_tos(), service); + } } DEBUG(3,("checking for home directory %s gave %s\n",service, @@ -1153,12 +1160,12 @@ connection_struct *make_connection(struct smbd_server_connection *sconn, /* Security = share. Try with * current_user_info.smb_name as the username. */ if (*current_user_info.smb_name) { - fstring unix_username; - fstrcpy(unix_username, - current_user_info.smb_name); - map_username(unix_username); + char *unix_username = NULL; + (void)map_username(talloc_tos(), + current_user_info.smb_name, + &unix_username); snum = find_service(unix_username); - } + } if (snum != -1) { DEBUG(5, ("making a connection to 'homes' " "service %s based on " diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index f9e49461cc..12d046038c 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -1546,13 +1546,20 @@ void reply_sesssetup_and_X(struct smb_request *req) reload_services(sconn->msg_ctx, sconn->sock, True); if (lp_security() == SEC_SHARE) { + char *sub_user_mapped = NULL; /* In share level we should ignore any passwords */ data_blob_free(&lm_resp); data_blob_free(&nt_resp); data_blob_clear_free(&plaintext_password); - map_username(sub_user); + (void)map_username(talloc_tos(), sub_user, &sub_user_mapped); + if (!sub_user_mapped) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + END_PROFILE(SMBsesssetupX); + return; + } + fstrcpy(sub_user, sub_user_mapped); add_session_user(sconn, sub_user); add_session_workgroup(sconn, domain); /* Then force it to null for the benfit of the code below */ diff --git a/source3/smbd/share_access.c b/source3/smbd/share_access.c index 387d988a4d..d00616b24e 100644 --- a/source3/smbd/share_access.c +++ b/source3/smbd/share_access.c @@ -131,7 +131,7 @@ static bool token_contains_name(TALLOC_CTX *mem_ctx, } if (*prefix == '&') { if (username) { - if (user_in_netgroup(username, name)) { + if (user_in_netgroup(mem_ctx, username, name)) { return True; } } |