From e4d85fa73d3ce1f397fdd416af6b8c903a473824 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 11 Feb 2013 14:46:43 +1100 Subject: dsdb-descriptor: Avoid segfault copying an SD without an owner or group This is an unusual SD, but it does exist is some very old upgraded databases. Andrew Bartlett Reviewed-by: Stefan Metzmacher Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Fri Feb 22 11:06:17 CET 2013 on sn-devel-104 --- source4/dsdb/samdb/ldb_modules/descriptor.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) (limited to 'source4/dsdb/samdb/ldb_modules') diff --git a/source4/dsdb/samdb/ldb_modules/descriptor.c b/source4/dsdb/samdb/ldb_modules/descriptor.c index 859558ca1e..7743baaaa5 100644 --- a/source4/dsdb/samdb/ldb_modules/descriptor.c +++ b/source4/dsdb/samdb/ldb_modules/descriptor.c @@ -181,20 +181,28 @@ static struct security_descriptor *descr_handle_sd_flags(TALLOC_CTX *mem_ctx, final_sd->type = SEC_DESC_SELF_RELATIVE; if (sd_flags & (SECINFO_OWNER)) { - final_sd->owner_sid = talloc_memdup(mem_ctx, new_sd->owner_sid, sizeof(struct dom_sid)); + if (new_sd->owner_sid) { + final_sd->owner_sid = talloc_memdup(mem_ctx, new_sd->owner_sid, sizeof(struct dom_sid)); + } final_sd->type |= new_sd->type & SEC_DESC_OWNER_DEFAULTED; } else if (old_sd) { - final_sd->owner_sid = talloc_memdup(mem_ctx, old_sd->owner_sid, sizeof(struct dom_sid)); + if (old_sd->owner_sid) { + final_sd->owner_sid = talloc_memdup(mem_ctx, old_sd->owner_sid, sizeof(struct dom_sid)); + } final_sd->type |= old_sd->type & SEC_DESC_OWNER_DEFAULTED; } if (sd_flags & (SECINFO_GROUP)) { - final_sd->group_sid = talloc_memdup(mem_ctx, new_sd->group_sid, sizeof(struct dom_sid)); + if (new_sd->group_sid) { + final_sd->group_sid = talloc_memdup(mem_ctx, new_sd->group_sid, sizeof(struct dom_sid)); + } final_sd->type |= new_sd->type & SEC_DESC_GROUP_DEFAULTED; } else if (old_sd) { - final_sd->group_sid = talloc_memdup(mem_ctx, old_sd->group_sid, sizeof(struct dom_sid)); + if (old_sd->group_sid) { + final_sd->group_sid = talloc_memdup(mem_ctx, old_sd->group_sid, sizeof(struct dom_sid)); + } final_sd->type |= old_sd->type & SEC_DESC_GROUP_DEFAULTED; } -- cgit