From 7936fb0ab8c3413768e83975c9d8544d653ee13c Mon Sep 17 00:00:00 2001 From: Christian Ambach Date: Tue, 13 Mar 2012 10:07:11 -0700 Subject: Fix bug #8807 - dcerpc_lsa_lookup_sids_noalloc() crashes when groups has more than 1000 groups Use correct talloc heirarchy. Signed-off-by: Jeremy Allison --- source3/rpc_client/cli_lsarpc.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'source3/rpc_client') diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c index 59ca3b0e17..c6e402d6ed 100644 --- a/source3/rpc_client/cli_lsarpc.c +++ b/source3/rpc_client/cli_lsarpc.c @@ -166,6 +166,8 @@ NTSTATUS rpccli_lsa_open_policy2(struct rpc_pipe_client *cli, static NTSTATUS dcerpc_lsa_lookup_sids_noalloc(struct dcerpc_binding_handle *h, TALLOC_CTX *mem_ctx, + TALLOC_CTX *domains_ctx, + TALLOC_CTX *names_ctx, struct policy_handle *pol, int num_sids, const struct dom_sid *sids, @@ -287,7 +289,7 @@ static NTSTATUS dcerpc_lsa_lookup_sids_noalloc(struct dcerpc_binding_handle *h, name = lsa_names.names[i].name.string; if (name) { - (names)[i] = talloc_strdup(names, name); + (names)[i] = talloc_strdup(names_ctx, name); if ((names)[i] == NULL) { DEBUG(0, ("cli_lsa_lookup_sids_noalloc(): out of memory\n")); *presult = NT_STATUS_UNSUCCESSFUL; @@ -296,7 +298,7 @@ static NTSTATUS dcerpc_lsa_lookup_sids_noalloc(struct dcerpc_binding_handle *h, } else { (names)[i] = NULL; } - domains[i] = talloc_strdup(domains, + domains[i] = talloc_strdup(domains_ctx, dom_name ? dom_name : ""); (types)[i] = lsa_names.names[i].sid_type; if ((domains)[i] == NULL) { @@ -394,6 +396,8 @@ static NTSTATUS dcerpc_lsa_lookup_sids_generic(struct dcerpc_binding_handle *h, status = dcerpc_lsa_lookup_sids_noalloc(h, mem_ctx, + (TALLOC_CTX *)domains, + (TALLOC_CTX *)names, pol, hunk_num_sids, hunk_sids, @@ -433,7 +437,7 @@ static NTSTATUS dcerpc_lsa_lookup_sids_generic(struct dcerpc_binding_handle *h, } sids_left -= hunk_num_sids; - sids_processed += hunk_num_sids; /* only used in DEBUG */ + sids_processed += hunk_num_sids; hunk_sids += hunk_num_sids; hunk_domains += hunk_num_sids; hunk_names += hunk_num_sids; -- cgit