From 1ab0d76f02cd0bc112b4dd026dad5223c9fed3b5 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Mon, 13 Mar 2006 00:05:47 +0000
Subject: r14259: Fix coverity #42. Ensure contact_domain can't be null derefed
 in error code path. Jeremy. (This used to be commit
 9f5fcdd8fb437882568e38e174e2df27bd077ba3)

---
 source3/nsswitch/winbindd_pam.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

(limited to 'source3/nsswitch')

diff --git a/source3/nsswitch/winbindd_pam.c b/source3/nsswitch/winbindd_pam.c
index 754abad9e2..fdc6e07119 100644
--- a/source3/nsswitch/winbindd_pam.c
+++ b/source3/nsswitch/winbindd_pam.c
@@ -1583,7 +1583,8 @@ void winbindd_pam_chauthtok(struct winbindd_cli_state *state)
 
 	parse_domain_user(state->request.data.chauthtok.user, domain, user);
 
-	if (!(contact_domain = find_domain_from_name(domain))) {
+	contact_domain = find_domain_from_name(domain);
+	if (!contact_domain) {
 		DEBUG(3, ("Cannot change password for [%s] -> [%s]\\[%s] as %s is not a trusted domain\n", 
 			  state->request.data.chauthtok.user, domain, user, domain)); 
 		result = NT_STATUS_NO_SUCH_USER;
@@ -1650,7 +1651,7 @@ done:
 		}
 	}		
 
-	if (!NT_STATUS_IS_OK(result) && !got_info) {
+	if (!NT_STATUS_IS_OK(result) && !got_info && contact_domain) {
 
 		NTSTATUS policy_ret;
 		
@@ -1680,10 +1681,11 @@ process_result:
 	       state->response.data.auth.nt_status_string,
 	       state->response.data.auth.pam_error));	      
 
-	if (NT_STATUS_IS_OK(result))
+	if (NT_STATUS_IS_OK(result)) {
 		request_ok(state);
-	else
+	} else {
 		request_error(state);
+	}
 }
 
 void winbindd_pam_logoff(struct winbindd_cli_state *state)
-- 
cgit