diff options
Diffstat (limited to 'source3')
-rw-r--r-- | source3/rpc_server/srv_lsa_nt.c | 85 | ||||
-rw-r--r-- | source3/rpc_server/srv_samr_nt.c | 12 | ||||
-rw-r--r-- | source3/rpc_server/srv_spoolss_nt.c | 5 |
3 files changed, 72 insertions, 30 deletions
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index 2343e3eedb..a85f0548bf 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -1066,7 +1066,18 @@ NTSTATUS _lsa_lookup_names(pipes_struct *p,LSA_Q_LOOKUP_NAMES *q_u, LSA_R_LOOKUP } ref = TALLOC_ZERO_P(p->mem_ctx, DOM_R_REF); - rids = TALLOC_ZERO_ARRAY(p->mem_ctx, DOM_RID, num_entries); + if (!ref) { + return NT_STATUS_NO_MEMORY; + } + + if (num_entries) { + rids = TALLOC_ZERO_ARRAY(p->mem_ctx, DOM_RID, num_entries); + if (!rids) { + return NT_STATUS_NO_MEMORY; + } + } else { + rids = NULL; + } if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&handle)) { r_u->status = NT_STATUS_INVALID_HANDLE; @@ -1079,9 +1090,6 @@ NTSTATUS _lsa_lookup_names(pipes_struct *p,LSA_Q_LOOKUP_NAMES *q_u, LSA_R_LOOKUP goto done; } - if (!ref || !rids) - return NT_STATUS_NO_MEMORY; - /* set up the LSA Lookup RIDs response */ become_root(); /* lookup_name can require root privs */ r_u->status = lookup_lsa_rids(p->mem_ctx, ref, rids, num_entries, @@ -1128,14 +1136,23 @@ NTSTATUS _lsa_lookup_names2(pipes_struct *p, LSA_Q_LOOKUP_NAMES2 *q_u, LSA_R_LOO } ref = TALLOC_ZERO_P(p->mem_ctx, DOM_R_REF); - rids = TALLOC_ZERO_ARRAY(p->mem_ctx, DOM_RID, num_entries); - rids2 = TALLOC_ZERO_ARRAY(p->mem_ctx, DOM_RID2, num_entries); - - if ((ref == NULL) || (rids == NULL) || (rids2 == NULL)) { + if (ref == NULL) { r_u->status = NT_STATUS_NO_MEMORY; return NT_STATUS_NO_MEMORY; } + if (num_entries) { + rids = TALLOC_ZERO_ARRAY(p->mem_ctx, DOM_RID, num_entries); + rids2 = TALLOC_ZERO_ARRAY(p->mem_ctx, DOM_RID2, num_entries); + if ((rids == NULL) || (rids2 == NULL)) { + r_u->status = NT_STATUS_NO_MEMORY; + return NT_STATUS_NO_MEMORY; + } + } else { + rids = NULL; + rids2 = NULL; + } + if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&handle)) { r_u->status = NT_STATUS_INVALID_HANDLE; goto done; @@ -1200,7 +1217,17 @@ NTSTATUS _lsa_lookup_names3(pipes_struct *p, LSA_Q_LOOKUP_NAMES3 *q_u, LSA_R_LOO } ref = TALLOC_ZERO_P(p->mem_ctx, DOM_R_REF); - trans_sids = TALLOC_ZERO_ARRAY(p->mem_ctx, LSA_TRANSLATED_SID3, num_entries); + if (ref == NULL) { + return NT_STATUS_NO_MEMORY; + } + if (num_entries) { + trans_sids = TALLOC_ZERO_ARRAY(p->mem_ctx, LSA_TRANSLATED_SID3, num_entries); + if (!trans_sids) { + return NT_STATUS_NO_MEMORY; + } + } else { + trans_sids = NULL; + } if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&handle)) { r_u->status = NT_STATUS_INVALID_HANDLE; @@ -1213,10 +1240,6 @@ NTSTATUS _lsa_lookup_names3(pipes_struct *p, LSA_Q_LOOKUP_NAMES3 *q_u, LSA_R_LOO goto done; } - if (!ref || !trans_sids) { - return NT_STATUS_NO_MEMORY; - } - /* set up the LSA Lookup SIDs response */ become_root(); /* lookup_name can require root privs */ r_u->status = lookup_lsa_sids(p->mem_ctx, ref, trans_sids, num_entries, @@ -1268,12 +1291,19 @@ NTSTATUS _lsa_lookup_names4(pipes_struct *p, LSA_Q_LOOKUP_NAMES4 *q_u, LSA_R_LOO } ref = TALLOC_ZERO_P(p->mem_ctx, DOM_R_REF); - trans_sids = TALLOC_ZERO_ARRAY(p->mem_ctx, LSA_TRANSLATED_SID3, num_entries); - - if (!ref || !trans_sids) { + if (!ref) { return NT_STATUS_NO_MEMORY; } + if (num_entries) { + trans_sids = TALLOC_ZERO_ARRAY(p->mem_ctx, LSA_TRANSLATED_SID3, num_entries); + if (!trans_sids) { + return NT_STATUS_NO_MEMORY; + } + } else { + trans_sids = NULL; + } + /* set up the LSA Lookup SIDs response */ become_root(); /* lookup_name can require root privs */ r_u->status = lookup_lsa_sids(p->mem_ctx, ref, trans_sids, num_entries, @@ -1384,8 +1414,12 @@ NTSTATUS _lsa_enum_privs(pipes_struct *p, LSA_Q_ENUM_PRIVS *q_u, LSA_R_ENUM_PRIV if (!(handle->access & POLICY_VIEW_LOCAL_INFORMATION)) return NT_STATUS_ACCESS_DENIED; - if ( !(entries = TALLOC_ZERO_ARRAY(p->mem_ctx, LSA_PRIV_ENTRY, num_privs )) ) - return NT_STATUS_NO_MEMORY; + if (num_privs) { + if ( !(entries = TALLOC_ZERO_ARRAY(p->mem_ctx, LSA_PRIV_ENTRY, num_privs )) ) + return NT_STATUS_NO_MEMORY; + } else { + entries = NULL; + } for (i = 0; i < num_privs; i++) { if( i < enum_context) { @@ -1489,12 +1523,17 @@ NTSTATUS _lsa_enum_accounts(pipes_struct *p, LSA_Q_ENUM_ACCOUNTS *q_u, LSA_R_ENU if (q_u->enum_context >= num_entries) return NT_STATUS_NO_MORE_ENTRIES; - sids->ptr_sid = TALLOC_ZERO_ARRAY(p->mem_ctx, uint32, num_entries-q_u->enum_context); - sids->sid = TALLOC_ZERO_ARRAY(p->mem_ctx, DOM_SID2, num_entries-q_u->enum_context); + if (num_entries-q_u->enum_context) { + sids->ptr_sid = TALLOC_ZERO_ARRAY(p->mem_ctx, uint32, num_entries-q_u->enum_context); + sids->sid = TALLOC_ZERO_ARRAY(p->mem_ctx, DOM_SID2, num_entries-q_u->enum_context); - if (sids->ptr_sid==NULL || sids->sid==NULL) { - SAFE_FREE(sid_list); - return NT_STATUS_NO_MEMORY; + if (sids->ptr_sid==NULL || sids->sid==NULL) { + SAFE_FREE(sid_list); + return NT_STATUS_NO_MEMORY; + } + } else { + sids->ptr_sid = NULL; + sids->sid = NULL; } for (i = q_u->enum_context, j = 0; i < num_entries; i++, j++) { diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 8f7bfd6b01..1b9a8c375b 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -3939,10 +3939,14 @@ NTSTATUS _samr_query_groupmem(pipes_struct *p, SAMR_Q_QUERY_GROUPMEM *q_u, SAMR_ if (!NT_STATUS_IS_OK(result)) return result; - attr=TALLOC_ZERO_ARRAY(p->mem_ctx, uint32, num_members); - - if ((num_members!=0) && (attr==NULL)) - return NT_STATUS_NO_MEMORY; + if (num_members) { + attr=TALLOC_ZERO_ARRAY(p->mem_ctx, uint32, num_members); + if (attr == NULL) { + return NT_STATUS_NO_MEMORY; + } + } else { + attr = NULL; + } for (i=0; i<num_members; i++) attr[i] = SID_NAME_USER; diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index beb3b5aef0..08c3a46133 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -2495,9 +2495,8 @@ done: if ( printer ) free_a_printer( &printer, 2 ); return WERR_NOMEM; - } - } - else { + } + } else { *data = NULL; } } |