diff options
Diffstat (limited to 'source3/lib')
-rw-r--r-- | source3/lib/privileges.c | 6 | ||||
-rw-r--r-- | source3/lib/util_reg_smbconf.c | 9 | ||||
-rw-r--r-- | source3/lib/util_sid.c | 70 |
3 files changed, 52 insertions, 33 deletions
diff --git a/source3/lib/privileges.c b/source3/lib/privileges.c index 63fb462e32..509da80785 100644 --- a/source3/lib/privileges.c +++ b/source3/lib/privileges.c @@ -184,8 +184,10 @@ static int priv_traverse_fn(TDB_CONTEXT *t, TDB_DATA key, TDB_DATA data, void *s return 0; } - if (!add_sid_to_array( priv->mem_ctx, &sid, &priv->sids.list, - &priv->sids.count )) { + if (!NT_STATUS_IS_OK(add_sid_to_array(priv->mem_ctx, &sid, + &priv->sids.list, + &priv->sids.count))) + { return 0; } diff --git a/source3/lib/util_reg_smbconf.c b/source3/lib/util_reg_smbconf.c index fa58f28d03..472fef7a2d 100644 --- a/source3/lib/util_reg_smbconf.c +++ b/source3/lib/util_reg_smbconf.c @@ -30,18 +30,21 @@ extern REGISTRY_OPS smbconf_reg_ops; */ NT_USER_TOKEN *registry_create_admin_token(TALLOC_CTX *mem_ctx) { + NTSTATUS status; NT_USER_TOKEN *token = NULL; /* fake a user token: builtin administrators sid and the * disk operators privilege is all we need to access the * registry... */ - if (!(token = TALLOC_ZERO_P(mem_ctx, NT_USER_TOKEN))) { + token = TALLOC_ZERO_P(mem_ctx, NT_USER_TOKEN); + if (token == NULL) { DEBUG(1, ("talloc failed\n")); goto done; } token->privileges = se_disk_operators; - if (!add_sid_to_array(token, &global_sid_Builtin_Administrators, - &token->user_sids, &token->num_sids)) { + status = add_sid_to_array(token, &global_sid_Builtin_Administrators, + &token->user_sids, &token->num_sids); + if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("Error adding builtin administrators sid " "to fake token.\n")); goto done; diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c index 222b32ed3a..37865238a5 100644 --- a/source3/lib/util_sid.c +++ b/source3/lib/util_sid.c @@ -573,20 +573,20 @@ DOM_SID *sid_dup_talloc(TALLOC_CTX *ctx, const DOM_SID *src) Add SID to an array SIDs ********************************************************************/ -bool add_sid_to_array(TALLOC_CTX *mem_ctx, const DOM_SID *sid, - DOM_SID **sids, size_t *num) +NTSTATUS add_sid_to_array(TALLOC_CTX *mem_ctx, const DOM_SID *sid, + DOM_SID **sids, size_t *num) { *sids = TALLOC_REALLOC_ARRAY(mem_ctx, *sids, DOM_SID, (*num)+1); if (*sids == NULL) { *num = 0; - return False; + return NT_STATUS_NO_MEMORY; } sid_copy(&((*sids)[*num]), sid); *num += 1; - return True; + return NT_STATUS_OK; } @@ -594,14 +594,14 @@ bool add_sid_to_array(TALLOC_CTX *mem_ctx, const DOM_SID *sid, Add SID to an array SIDs ensuring that it is not already there ********************************************************************/ -bool add_sid_to_array_unique(TALLOC_CTX *mem_ctx, const DOM_SID *sid, - DOM_SID **sids, size_t *num_sids) +NTSTATUS add_sid_to_array_unique(TALLOC_CTX *mem_ctx, const DOM_SID *sid, + DOM_SID **sids, size_t *num_sids) { size_t i; for (i=0; i<(*num_sids); i++) { if (sid_compare(sid, &(*sids)[i]) == 0) - return True; + return NT_STATUS_OK; } return add_sid_to_array(mem_ctx, sid, sids, num_sids); @@ -670,6 +670,7 @@ NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx, size_t *num_user_sids, bool include_user_group_rid) { + NTSTATUS status; DOM_SID sid; DOM_SID *sid_array = NULL; size_t num_sids = 0; @@ -677,35 +678,47 @@ NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx, if (include_user_group_rid) { - if (!sid_compose(&sid, &(info3->dom_sid.sid), - info3->user_rid) - || !add_sid_to_array(mem_ctx, &sid, - &sid_array, &num_sids)) { - DEBUG(3,("could not add user SID from rid 0x%x\n", - info3->user_rid)); + if (!sid_compose(&sid, &(info3->dom_sid.sid), info3->user_rid)) + { + DEBUG(3, ("could not compose user SID from rid 0x%x\n", + info3->user_rid)); return NT_STATUS_INVALID_PARAMETER; } + status = add_sid_to_array(mem_ctx, &sid, &sid_array, &num_sids); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(3, ("could not append user SID from rid 0x%x\n", + info3->user_rid)); + return status; + } - if (!sid_compose(&sid, &(info3->dom_sid.sid), - info3->group_rid) - || !add_sid_to_array(mem_ctx, &sid, - &sid_array, &num_sids)) { - DEBUG(3,("could not append additional group rid 0x%x\n", - info3->group_rid)); - + if (!sid_compose(&sid, &(info3->dom_sid.sid), info3->group_rid)) + { + DEBUG(3, ("could not compose group SID from rid 0x%x\n", + info3->group_rid)); return NT_STATUS_INVALID_PARAMETER; } + status = add_sid_to_array(mem_ctx, &sid, &sid_array, &num_sids); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(3, ("could not append group SID from rid 0x%x\n", + info3->group_rid)); + return status; + } } for (i = 0; i < info3->num_groups2; i++) { if (!sid_compose(&sid, &(info3->dom_sid.sid), - info3->gids[i].g_rid) - || !add_sid_to_array(mem_ctx, &sid, - &sid_array, &num_sids)) { - DEBUG(3,("could not append additional group rid 0x%x\n", - info3->gids[i].g_rid)); + info3->gids[i].g_rid)) + { + DEBUG(3, ("could not compose SID from additional group " + "rid 0x%x\n", info3->gids[i].g_rid)); return NT_STATUS_INVALID_PARAMETER; } + status = add_sid_to_array(mem_ctx, &sid, &sid_array, &num_sids); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(3, ("could not append SID from additional group " + "rid 0x%x\n", info3->gids[i].g_rid)); + return status; + } } /* Copy 'other' sids. We need to do sid filtering here to @@ -715,11 +728,12 @@ NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx, */ for (i = 0; i < info3->num_other_sids; i++) { - if (!add_sid_to_array(mem_ctx, &info3->other_sids[i].sid, - &sid_array, &num_sids)) { + status = add_sid_to_array(mem_ctx, &info3->other_sids[i].sid, + &sid_array, &num_sids); + if (!NT_STATUS_IS_OK(status)) { DEBUG(3, ("could not add SID to array: %s\n", sid_string_dbg(&info3->other_sids[i].sid))); - return NT_STATUS_NO_MEMORY; + return status; } } |