From 3015fde98080ae0a1c4a4a68df552655a059742e Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Tue, 17 Jul 2001 02:26:04 +0000
Subject: Fix usermanager for domains - we were returning no memory when we
 should have been returning empty space at end of enumeration. Jeremy. (This
 used to be commit 175c6406925cbd798c3aa049912ab63802f44de4)

---
 source3/rpc_server/srv_samr_nt.c | 32 ++++++++++++++++++++++----------
 1 file changed, 22 insertions(+), 10 deletions(-)

(limited to 'source3/rpc_server/srv_samr_nt.c')

diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 95caa1dda8..b808d4c9d6 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -1097,39 +1097,51 @@ uint32 _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, SAMR_R_
 	if (!(ctr = (SAM_DISPINFO_CTR *)talloc(p->mem_ctx,sizeof(SAM_DISPINFO_CTR))))
 		return NT_STATUS_NO_MEMORY;
 
+	ZERO_STRUCTP(ctr);
+
 	/* Now create reply structure */
 	switch (q_u->switch_level) {
 	case 0x1:
-		if (!(ctr->sam.info1 = (SAM_DISPINFO_1 *)talloc(p->mem_ctx,sizeof(SAM_DISPINFO_1))))
-			return NT_STATUS_NO_MEMORY;
+		if (num_entries) {
+			if (!(ctr->sam.info1 = (SAM_DISPINFO_1 *)talloc(p->mem_ctx,num_entries*sizeof(SAM_DISPINFO_1))))
+				return NT_STATUS_NO_MEMORY;
+		}
 		disp_ret = init_sam_dispinfo_1(p->mem_ctx, ctr->sam.info1, &num_entries, &data_size, q_u->start_idx, pass);
 		if (disp_ret != NT_STATUS_NO_PROBLEMO)
 			return disp_ret;
 		break;
 	case 0x2:
-		if (!(ctr->sam.info2 = (SAM_DISPINFO_2 *)talloc(p->mem_ctx,sizeof(SAM_DISPINFO_2))))
-			return NT_STATUS_NO_MEMORY;
+		if (num_entries) {
+			if (!(ctr->sam.info2 = (SAM_DISPINFO_2 *)talloc(p->mem_ctx,num_entries*sizeof(SAM_DISPINFO_2))))
+				return NT_STATUS_NO_MEMORY;
+		}
 		disp_ret = init_sam_dispinfo_2(p->mem_ctx, ctr->sam.info2, &num_entries, &data_size, q_u->start_idx, pass);
 		if (disp_ret != NT_STATUS_NO_PROBLEMO)
 			return disp_ret;
 		break;
 	case 0x3:
-		if (!(ctr->sam.info3 = (SAM_DISPINFO_3 *)talloc(p->mem_ctx,sizeof(SAM_DISPINFO_3))))
-			return NT_STATUS_NO_MEMORY;
+		if (num_entries) {
+			if (!(ctr->sam.info3 = (SAM_DISPINFO_3 *)talloc(p->mem_ctx,num_entries*sizeof(SAM_DISPINFO_3))))
+				return NT_STATUS_NO_MEMORY;
+		}
 		disp_ret = init_sam_dispinfo_3(p->mem_ctx, ctr->sam.info3, &num_entries, &data_size, q_u->start_idx, grps);
 		if (disp_ret != NT_STATUS_NO_PROBLEMO)
 			return disp_ret;
 		break;
 	case 0x4:
-		if (!(ctr->sam.info4 = (SAM_DISPINFO_4 *)talloc(p->mem_ctx,sizeof(SAM_DISPINFO_4))))
-			return NT_STATUS_NO_MEMORY;
+		if (num_entries) {
+			if (!(ctr->sam.info4 = (SAM_DISPINFO_4 *)talloc(p->mem_ctx,num_entries*sizeof(SAM_DISPINFO_4))))
+				return NT_STATUS_NO_MEMORY;
+		}
 		disp_ret = init_sam_dispinfo_4(p->mem_ctx, ctr->sam.info4, &num_entries, &data_size, q_u->start_idx, pass);
 		if (disp_ret != NT_STATUS_NO_PROBLEMO)
 			return disp_ret;
 		break;
 	case 0x5:
-		if (!(ctr->sam.info5 = (SAM_DISPINFO_5 *)talloc(p->mem_ctx,sizeof(SAM_DISPINFO_5))))
-			return NT_STATUS_NO_MEMORY;
+		if (num_entries) {
+			if (!(ctr->sam.info5 = (SAM_DISPINFO_5 *)talloc(p->mem_ctx,num_entries*sizeof(SAM_DISPINFO_5))))
+				return NT_STATUS_NO_MEMORY;
+		}
 		disp_ret = init_sam_dispinfo_5(p->mem_ctx, ctr->sam.info5, &num_entries, &data_size, q_u->start_idx, grps);
 		if (disp_ret != NT_STATUS_NO_PROBLEMO)
 			return disp_ret;
-- 
cgit