From 1638941ba296fff1a5b22ed34dbe6eb7e0dbb4b2 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 18 Feb 2008 16:58:24 +0100 Subject: Fix a comment typo. Michael (This used to be commit 00e2dd36b38fcf92d76a0e79860cf9ca6a3d027e) --- source3/services/services_db.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/services/services_db.c') diff --git a/source3/services/services_db.c b/source3/services/services_db.c index d4e144d5ff..37440a299f 100644 --- a/source3/services/services_db.c +++ b/source3/services/services_db.c @@ -469,7 +469,7 @@ void svcctl_init_keys( void ) fetch_reg_keys( key, subkeys ); - /* the builting services exist */ + /* the builtin services exist */ for ( i=0; builtin_svcs[i].servicename; i++ ) add_new_svc_name( key, subkeys, builtin_svcs[i].servicename ); -- cgit From 5cd707f82c238633df9f89ea45d71e2a92b48161 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 18 Feb 2008 17:23:41 +0100 Subject: Add a check for success of fetch_reg_values(). Michael (This used to be commit ba69097f37086537e6b2606fceeb874f6d3e4e1c) --- source3/services/services_db.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'source3/services/services_db.c') diff --git a/source3/services/services_db.c b/source3/services/services_db.c index 37440a299f..89095c628d 100644 --- a/source3/services/services_db.c +++ b/source3/services/services_db.c @@ -531,7 +531,11 @@ SEC_DESC *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN * return NULL; } - fetch_reg_values( key, values ); + if (fetch_reg_values( key, values ) == -1) { + DEBUG(0, ("Error getting registry values\n")); + TALLOC_FREE(key); + return NULL; + } TALLOC_FREE(key); -- cgit From 8ba088516aa34505849ef0a8639687bec22c5750 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 18 Feb 2008 17:38:19 +0100 Subject: Fix segfault in svcctl_get_secdesc(): prevent premature TALLOC_FREE. This crash was triggered by (e.g.) net rpc service status. This patch prevents premature freeing of memory and creates a common exit point to the function. Michael (This used to be commit f1fb9fd6f14fc53629871cbe4b8558ad5acc14f0) --- source3/services/services_db.c | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) (limited to 'source3/services/services_db.c') diff --git a/source3/services/services_db.c b/source3/services/services_db.c index 89095c628d..ae83e72697 100644 --- a/source3/services/services_db.c +++ b/source3/services/services_db.c @@ -520,29 +520,21 @@ SEC_DESC *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN * if ( !W_ERROR_IS_OK(wresult) ) { DEBUG(0,("svcctl_get_secdesc: key lookup failed! [%s] (%s)\n", path, dos_errstr(wresult))); - SAFE_FREE(path); - return NULL; + goto done; } - SAFE_FREE(path); if ( !(values = TALLOC_ZERO_P( key, REGVAL_CTR )) ) { DEBUG(0,("svcctl_get_secdesc: talloc() failed!\n")); - TALLOC_FREE( key ); - return NULL; + goto done; } if (fetch_reg_values( key, values ) == -1) { DEBUG(0, ("Error getting registry values\n")); - TALLOC_FREE(key); - return NULL; + goto done; } - TALLOC_FREE(key); - if ( !(val = regval_ctr_getvalue( values, "Security" )) ) { - DEBUG(6,("svcctl_get_secdesc: constructing default secdesc for service [%s]\n", - name)); - return construct_service_sd( ctx ); + goto fallback_to_default_sd; } /* stream the service security descriptor */ @@ -550,10 +542,18 @@ SEC_DESC *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN * status = unmarshall_sec_desc(ctx, regval_data_p(val), regval_size(val), &ret_sd); - if (!NT_STATUS_IS_OK(status)) { - return construct_service_sd( ctx ); + if (NT_STATUS_IS_OK(status)) { + goto done; } +fallback_to_default_sd: + DEBUG(6, ("svcctl_get_secdesc: constructing default secdesc for " + "service [%s]\n", name)); + ret_sd = construct_service_sd(ctx); + +done: + SAFE_FREE(path); + TALLOC_FREE(key); return ret_sd; } -- cgit