diff options
Diffstat (limited to 'source4/dsdb')
-rw-r--r-- | source4/dsdb/common/util.c | 9 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/operational.c | 5 |
2 files changed, 9 insertions, 5 deletions
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c index feebab8d45..8c9c98201b 100644 --- a/source4/dsdb/common/util.c +++ b/source4/dsdb/common/util.c @@ -187,18 +187,19 @@ struct dom_sid *samdb_search_dom_sid(struct ldb_context *sam_ldb, return the count of the number of records in the sam matching the query */ int samdb_search_count(struct ldb_context *sam_ldb, - TALLOC_CTX *mem_ctx, struct ldb_dn *basedn, - const char *format, ...) _PRINTF_ATTRIBUTE(4,5) + const char *format, ...) _PRINTF_ATTRIBUTE(3,4) { va_list ap; struct ldb_message **res; - const char * const attrs[] = { NULL }; + const char *attrs[] = { NULL }; int ret; + TALLOC_CTX *tmp_ctx = talloc_new(sam_ldb); va_start(ap, format); - ret = gendb_search_v(sam_ldb, mem_ctx, basedn, &res, attrs, format, ap); + ret = gendb_search_v(sam_ldb, tmp_ctx, basedn, &res, attrs, format, ap); va_end(ap); + talloc_free(tmp_ctx); return ret; } diff --git a/source4/dsdb/samdb/ldb_modules/operational.c b/source4/dsdb/samdb/ldb_modules/operational.c index 031544d6a8..cc29476665 100644 --- a/source4/dsdb/samdb/ldb_modules/operational.c +++ b/source4/dsdb/samdb/ldb_modules/operational.c @@ -104,7 +104,10 @@ static int construct_primary_group_token(struct ldb_module *module, ldb = ldb_module_get_ctx(module); - if (samdb_search_count(ldb, ldb, msg->dn, "(objectclass=group)") == 1) { + /* this is horrendously inefficient! we're doing a subtree + * search for every DN we return. So that's N^2 in the + * total number of objects! */ + if (samdb_search_count(ldb, msg->dn, "(objectclass=group)") == 1) { primary_group_token = samdb_result_rid_from_sid(ldb, msg, "objectSid", 0); return samdb_msg_add_int(ldb, ldb, msg, "primaryGroupToken", |