diff options
Diffstat (limited to 'source3')
-rw-r--r-- | source3/rpc_client/cli_lsarpc.c | 6 | ||||
-rw-r--r-- | source3/rpc_parse/parse_lsa.c | 57 |
2 files changed, 36 insertions, 27 deletions
diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c index 5ce90ba1b7..a3b0a516b0 100644 --- a/source3/rpc_client/cli_lsarpc.c +++ b/source3/rpc_client/cli_lsarpc.c @@ -448,7 +448,7 @@ uint32 lsa_lookup_sids(POLICY_HND *hnd, int num_sids, DOM_SID *sids, /* Store the parameters */ - init_q_lookup_sids(ctx, &q_l, hnd, num_sids, &sids, 1); + init_q_lookup_sids(ctx, &q_l, hnd, num_sids, sids, 1); /* turn parameters into data stream */ if (lsa_io_q_lookup_sids("", &q_l, &buf, 0) && @@ -590,7 +590,7 @@ uint32 lsa_lookup_names(POLICY_HND *hnd, int num_names, char **names, DEBUG(4, ("LSA Lookup NAMEs\n")); /* store the parameters */ - init_q_lookup_names(&q_l, hnd, num_names, names); + init_q_lookup_names(ctx, &q_l, hnd, num_names, names); /* turn parameters into data stream */ if (lsa_io_q_lookup_names("", &q_l, &buf, 0) && @@ -606,7 +606,7 @@ uint32 lsa_lookup_names(POLICY_HND *hnd, int num_names, char **names, r_l.dom_ref = &ref; r_l.dom_rid = t_rids; - lsa_io_r_lookup_names("", &r_l, &rbuf, 0); + lsa_io_r_lookup_names(ctx, "", &r_l, &rbuf, 0); p = rbuf.data_offset != 0; if (p && r_l.status != 0) { diff --git a/source3/rpc_parse/parse_lsa.c b/source3/rpc_parse/parse_lsa.c index 6a2e504f79..4b0e6e4106 100644 --- a/source3/rpc_parse/parse_lsa.c +++ b/source3/rpc_parse/parse_lsa.c @@ -649,9 +649,9 @@ BOOL lsa_io_r_query(char *desc, LSA_R_QUERY_INFO *r_q, prs_struct *ps, int depth ********************************************************************/ void init_lsa_sid_enum(TALLOC_CTX *mem_ctx, LSA_SID_ENUM *sen, - int num_entries, DOM_SID **sids) + int num_entries, DOM_SID *sids) { - int i, i2; + int i; DEBUG(5, ("init_lsa_sid_enum\n")); @@ -677,14 +677,9 @@ void init_lsa_sid_enum(TALLOC_CTX *mem_ctx, LSA_SID_ENUM *sen, /* Copy across SIDs and SID pointers */ - for (i = 0, i2 = 0; i < num_entries; i++) { - if (sids[i] != NULL) { - sen->ptr_sid[i] = 1; - init_dom_sid2(&sen->sid[i2], sids[i]); - i2++; - } else { - sen->ptr_sid[i] = 0; - } + for (i = 0; i < num_entries; i++) { + sen->ptr_sid[i] = 1; + init_dom_sid2(&sen->sid[i], &sids[i]); } } @@ -756,7 +751,7 @@ static BOOL lsa_io_sid_enum(char *desc, LSA_SID_ENUM *sen, ********************************************************************/ void init_q_lookup_sids(TALLOC_CTX *mem_ctx, LSA_Q_LOOKUP_SIDS *q_l, - POLICY_HND *hnd, int num_sids, DOM_SID **sids, + POLICY_HND *hnd, int num_sids, DOM_SID *sids, uint16 level) { DEBUG(5, ("init_r_enum_trust_dom\n")); @@ -914,31 +909,39 @@ BOOL lsa_io_r_lookup_sids(char *desc, LSA_R_LOOKUP_SIDS *r_s, prs_struct *ps, in makes a structure. ********************************************************************/ -void init_q_lookup_names(LSA_Q_LOOKUP_NAMES *q_l, POLICY_HND *hnd, - int num_names, char **names) +void init_q_lookup_names(TALLOC_CTX *mem_ctx, LSA_Q_LOOKUP_NAMES *q_l, + POLICY_HND *hnd, int num_names, char **names) { int i; DEBUG(5, ("init_q_lookup_names\n")); - memcpy(&q_l->pol, hnd, sizeof(q_l->pol)); + ZERO_STRUCTP(q_l); + q_l->pol = *hnd; q_l->num_entries = num_names; q_l->num_entries2 = num_names; + q_l->lookup_level = 1; - SMB_ASSERT_ARRAY(q_l->uni_name, q_l->num_entries); + if ((q_l->uni_name = (UNISTR2 *)talloc( + mem_ctx, num_names * sizeof(UNISTR2))) == NULL) { + DEBUG(3, ("init_q_lookup_names(): out of memory\n")); + return; + } + + if ((q_l->hdr_name = (UNIHDR *)talloc( + mem_ctx, num_names * sizeof(UNIHDR))) == NULL) { + DEBUG(3, ("init_q_lookup_names(): out of memory\n")); + return; + } for (i = 0; i < num_names; i++) { char* name = names[i]; - int len = strlen(name)+1; + int len = strlen(name); + init_uni_hdr(&q_l->hdr_name[i], len); init_unistr2(&q_l->uni_name[i], name, len); } - - q_l->num_trans_entries = 0; - q_l->ptr_trans_sids = 0; - q_l->lookup_level = 1; - q_l->mapped_count = 0; } /******************************************************************* @@ -966,8 +969,6 @@ BOOL lsa_io_q_lookup_names(char *desc, LSA_Q_LOOKUP_NAMES *q_r, prs_struct *ps, if(!prs_uint32("num_entries2 ", ps, depth, &q_r->num_entries2)) return False; - SMB_ASSERT_ARRAY(q_r->uni_name, q_r->num_entries); - for (i = 0; i < q_r->num_entries; i++) { if(!smb_io_unihdr("hdr_name", &q_r->hdr_name[i], ps, depth)) /* pointer names */ return False; @@ -996,7 +997,8 @@ BOOL lsa_io_q_lookup_names(char *desc, LSA_Q_LOOKUP_NAMES *q_r, prs_struct *ps, reads or writes a structure. ********************************************************************/ -BOOL lsa_io_r_lookup_names(char *desc, LSA_R_LOOKUP_NAMES *r_r, prs_struct *ps, int depth) +BOOL lsa_io_r_lookup_names(TALLOC_CTX *mem_ctx, char *desc, + LSA_R_LOOKUP_NAMES *r_r, prs_struct *ps, int depth) { int i; @@ -1030,6 +1032,13 @@ BOOL lsa_io_r_lookup_names(char *desc, LSA_R_LOOKUP_NAMES *r_r, prs_struct *ps, return False; } + if ((r_r->dom_rid = (DOM_RID2 *) + talloc(mem_ctx, r_r->num_entries2 * sizeof(DOM_RID2))) + == NULL) { + DEBUG(3, ("lsa_io_r_lookup_names(): out of memory\n")); + return False; + } + for (i = 0; i < r_r->num_entries2; i++) if(!smb_io_dom_rid2("", &r_r->dom_rid[i], ps, depth)) /* domain RIDs being looked up */ return False; |