From d988af921de131a05490f1eaa92dd33d36501580 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 14 Nov 2006 20:21:23 +0000 Subject: r19705: Fix blocker bug for 3.0.23d - find_forced_group could return an uninitialized sid. Jeremy. (This used to be commit 57c60103e7dd8f9907bc2954369ea8db8b3b69ff) --- source3/smbd/service.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/source3/smbd/service.c b/source3/smbd/service.c index 29f26c0302..60ba85ab65 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -434,6 +434,9 @@ static NTSTATUS find_forced_group(BOOL force_user, BOOL user_must_be_member = False; gid_t gid; + ZERO_STRUCTP(pgroup_sid); + *pgid = (gid_t)-1; + mem_ctx = talloc_new(NULL); if (mem_ctx == NULL) { DEBUG(0, ("talloc_new failed\n")); @@ -489,6 +492,12 @@ static NTSTATUS find_forced_group(BOOL force_user, *pgid = gid; DEBUG(3,("Forced group %s for member %s\n", groupname, username)); + } else { + DEBUG(0,("find_forced_group: forced user %s is not a member " + "of forced group %s. Disallowing access.\n", + username, groupname )); + result = NT_STATUS_MEMBER_NOT_IN_GROUP; + goto done; } } else { sid_copy(pgroup_sid, &group_sid); -- cgit