s4-dsdb: Handle allocation failure

If a talloc function returns NULL, indicating failure, the failure could
be masked by the next talloc call allocating on the NULL context.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>

diff --git a/source4/dsdb/samdb/ldb_modules/operational.c b/source4/dsdb/samdb/ldb_modules/operational.c
index 0c49ef1476266e5567d028d34a863f61eec9356d..310f98693c0f92ca512f472061e27bcf58abde8c 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/operational.c
+++ b/source4/dsdb/samdb/ldb_modules/operational.c
@@ -1100,6 +1100,9 @@ static int pso_search_by_sids(struct ldb_module *module, TALLOC_CTX *mem_ctx,
 
        /* build a query for PSO objects that apply to any of the SIDs given */
        sid_filter = talloc_strdup(mem_ctx, "");
+       if (sid_filter == NULL) {
+               return ldb_oom(ldb);
+       }
 
        for (i = 0; sid_filter && i < num_sids; i++) {
                struct dom_sid_buf sid_buf;
@@ -1108,10 +1111,9 @@ static int pso_search_by_sids(struct ldb_module *module, TALLOC_CTX *mem_ctx,
                        sid_filter,
                        "(msDS-PSOAppliesTo=<SID=%s>)",
                        dom_sid_str_buf(&sid_array[i].sid, &sid_buf));
-       }
-
-       if (sid_filter == NULL) {
-               return ldb_oom(ldb);
+               if (sid_filter == NULL) {
+                       return ldb_oom(ldb);
+               }
        }
 
        /* only PSOs located in the Password Settings Container are valid */