util_sid.c - respect a const variabile (addedd strdup)

cli_reg.c  - indentation
pdb_ldap.c - some checks on init fns parameters
pdb_tdb.c  - some checks on init fns parameters + make sure we close the db on failure
(This used to be commit 49f5cb7a3df6d673f86e6769319aa657e30d8380)

diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c
index 009cc7742af7d092ca45dcabc1c2fe673f9b92e7..d35e8a8ac9cfd7ba2381031667aecb9d27979f4a 100644 (file)
--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@@ -375,20 +375,26 @@ const char *sid_string_static(DOM_SID *sid)
 BOOL string_to_sid(DOM_SID *sidout, const char *sidstr)
 {
   pstring tok;
-  const char *p = sidstr;
+  char *p;
   /* BIG NOTE: this function only does SIDS where the identauth is not >= 2^32 */
   uint32 ia;
+  
+  if (StrnCaseCmp( sidstr, "S-", 2)) {
+    DEBUG(0,("string_to_sid: Sid %s does not start with 'S-'.\n", sidstr));
+    return False;
+  }
 
   memset((char *)sidout, '\0', sizeof(DOM_SID));
 
-  if (StrnCaseCmp( sidstr, "S-", 2)) {
-    DEBUG(0,("string_to_sid: Sid %s does not start with 'S-'.\n", sidstr));
+  p = strdup(sidstr + 2);
+  if (p == NULL) {
+    DEBUG(0, ("string_to_sid: out of memory!\n"));
     return False;
   }
 
-  p += 2;
   if (!next_token(&p, tok, "-", sizeof(tok))) {
     DEBUG(0,("string_to_sid: Sid %s is not in a valid format.\n", sidstr));
+    SAFE_FREE(p);
     return False;
   }
 
@@ -397,6 +403,7 @@ BOOL string_to_sid(DOM_SID *sidout, const char *sidstr)
 
   if (!next_token(&p, tok, "-", sizeof(tok))) {
     DEBUG(0,("string_to_sid: Sid %s is not in a valid format.\n", sidstr));
+    SAFE_FREE(p);
     return False;
   }
 
@@ -422,6 +429,7 @@ BOOL string_to_sid(DOM_SID *sidout, const char *sidstr)
        sid_append_rid(sidout, (uint32)strtoul(tok, NULL, 10));
   }
 
+  SAFE_FREE(p);
   return True;
 }
 

diff --git a/source3/libsmb/cli_reg.c b/source3/libsmb/cli_reg.c
index 948534c29b71ebb57c92b8eef10e79b471c0cedc..b88b3532ef7ec9429b40294c3aaaf3f5c6c4ab1d 100644 (file)
--- a/source3/libsmb/cli_reg.c
+++ b/source3/libsmb/cli_reg.c
@@ -7,7 +7,7 @@
    Copyright (C) Luke Kenneth Casson Leighton 1996-1998,
    Copyright (C) Paul Ashton                  1997-1998.
    Copyright (C) Jeremy Allison                    1999.
-   Copyright (C) Simo Sorce                        2000
+   Copyright (C) Simo Sorce                        2001
    
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -38,8 +38,7 @@ struct cli_state *cli_winreg_initialise(struct cli_state *cli,
 /* Shutdown a server */
 
 NTSTATUS cli_reg_shutdown(struct cli_state * cli, TALLOC_CTX *mem_ctx,
-                          const char *msg,
-                          uint32 timeout, uint16 flags)
+                          const char *msg, uint32 timeout, uint16 flags)
 {
        prs_struct qbuf;
        prs_struct rbuf; 

diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index 215292be48d168816ba85756d5e0b34bb887d98a..b9facb3a33be92384d6f9506b12696f2da2e0f0f 100644 (file)
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -70,7 +70,9 @@ ldap_open_connection (LDAP ** ldap_struct)
        int port;
        int version, rc;
        int tls = LDAP_OPT_X_TLS_HARD;
-       
+
+       /* there should be an lp_ldap_ssl_port(), what happen if for some
+          reason we need to bind an SSLed LDAP on port 389 ?? ---simo */
        if (lp_ldap_ssl() == LDAP_SSL_ON && lp_ldap_port() == 389) {
                port = 636;
        }
@@ -368,6 +370,11 @@ static BOOL init_sam_from_ldap (SAM_ACCOUNT * sampass,
        uint8 *hours;
        pstring temp;
 
+       if (sampass == NULL || ldap_struct == NULL || entry == NULL) {
+               DEBUG(0, ("init_sam_from_ldap: NULL parameters found!\n"));
+               return False;
+       }
+
        get_single_attribute(ldap_struct, entry, "uid", username);
        DEBUG(2, ("Entry found for user: %s\n", username));
 
@@ -526,6 +533,11 @@ static BOOL init_ldap_from_sam (LDAPMod *** mods, int ldap_state, const SAM_ACCO
 {
        pstring temp;
 
+       if (mods == NULL || sampass == NULL) {
+               DEBUG(0, ("init_ldap_from_sam: NULL parameters found!\n"));
+               return False;
+       }
+
        *mods = NULL;
 
        /* 

diff --git a/source3/passdb/pdb_tdb.c b/source3/passdb/pdb_tdb.c
index fbfdd1aace229327cb581a5d082ffb57d2bff3d0..8c17bb76ec22a4e9aa16ab26bdf35265ba79e874 100644 (file)
--- a/source3/passdb/pdb_tdb.c
+++ b/source3/passdb/pdb_tdb.c
@@ -80,6 +80,11 @@ static BOOL init_sam_from_buffer (SAM_ACCOUNT *sampass, uint8 *buf, uint32 bufle
        uint32          len = 0;
        uint32          lmpwlen, ntpwlen, hourslen;
        BOOL ret = True;
+       
+       if(sampass == NULL || buf == NULL) {
+               DEBUG(0, ("init_sam_from_buffer: NULL parameters found!\n"));
+               return False;
+       }
                                                                        
        /* unpack the buffer into variables */
        len = tdb_unpack (buf, buflen, TDB_FORMAT_STRING,
@@ -207,9 +212,11 @@ static uint32 init_buffer_from_sam (uint8 **buf, const SAM_ACCOUNT *sampass)
        uint32  nt_pw_len = 16;
 
        /* do we have a valid SAM_ACCOUNT pointer? */
-       if (sampass == NULL)
+       if (sampass == NULL) {
+               DEBUG(0, ("init_buffer_from_sam: SAM_ACCOUNT is NULL!\n"));
                return -1;
-               
+       }
+       
        *buf = NULL;
        buflen = 0;
 
@@ -404,7 +411,7 @@ void pdb_endsampwent(void)
                global_tdb_ent.passwd_tdb = NULL;
        }
        
-       DEBUG(7, ("endtdbpwent: closed password file.\n"));
+       DEBUG(7, ("endtdbpwent: closed sam database.\n"));
 }
 
 /*****************************************************************
@@ -425,10 +432,10 @@ BOOL pdb_getsampwent(SAM_ACCOUNT *user)
                return False;
        }
 
-       /* skip all RID entries */
-       while ((global_tdb_ent.key.dsize != 0) && (strncmp (global_tdb_ent.key.dptr, prefix, prefixlen)))
+       /* skip all non-USER entries (eg. RIDs) */
+       while ((global_tdb_ent.key.dsize != 0) && (strncmp(global_tdb_ent.key.dptr, prefix, prefixlen)))
                /* increment to next in line */
-               global_tdb_ent.key = tdb_nextkey (global_tdb_ent.passwd_tdb, global_tdb_ent.key);
+               global_tdb_ent.key = tdb_nextkey(global_tdb_ent.passwd_tdb, global_tdb_ent.key);
 
        /* do we have an valid interation pointer? */
        if(global_tdb_ent.passwd_tdb == NULL) {
@@ -436,14 +443,14 @@ BOOL pdb_getsampwent(SAM_ACCOUNT *user)
                return False;
        }
 
-       data = tdb_fetch (global_tdb_ent.passwd_tdb, global_tdb_ent.key);
+       data = tdb_fetch(global_tdb_ent.passwd_tdb, global_tdb_ent.key);
        if (!data.dptr) {
                DEBUG(5,("pdb_getsampwent: database entry not found.\n"));
                return False;
        }
   
        /* unpack the buffer */
-       if (!init_sam_from_buffer (user, data.dptr, data.dsize)) {
+       if (!init_sam_from_buffer(user, data.dptr, data.dsize)) {
                DEBUG(0,("pdb_getsampwent: Bad SAM_ACCOUNT entry returned from TDB!\n"));
                SAFE_FREE(data.dptr);
                return False;
@@ -461,11 +468,11 @@ BOOL pdb_getsampwent(SAM_ACCOUNT *user)
 
        uid = pw->pw_uid;
        gid = pw->pw_gid;
-       pdb_set_uid (user, uid);
-       pdb_set_gid (user, gid);
+       pdb_set_uid(user, uid);
+       pdb_set_gid(user, gid);
 
        /* increment to next in line */
-       global_tdb_ent.key = tdb_nextkey (global_tdb_ent.passwd_tdb, global_tdb_ent.key);
+       global_tdb_ent.key = tdb_nextkey(global_tdb_ent.passwd_tdb, global_tdb_ent.key);
 
        return True;
 }
@@ -495,12 +502,12 @@ BOOL pdb_getsampwnam (SAM_ACCOUNT *user, const char *sname)
        unix_strlower(sname, -1, name, sizeof(name));
 
        get_private_directory(tdbfile);
-       pstrcat (tdbfile, PASSDB_FILE_NAME);
+       pstrcat(tdbfile, PASSDB_FILE_NAME);
        
        /* set search key */
        slprintf(keystr, sizeof(keystr)-1, "%s%s", USERPREFIX, name);
        key.dptr = keystr;
-       key.dsize = strlen (keystr) + 1;
+       key.dsize = strlen(keystr) + 1;
 
        /* open the accounts TDB */
        if (!(pwd_tdb = tdb_open_log(tdbfile, 0, TDB_DEFAULT, O_RDONLY, 0600))) {
@@ -509,34 +516,40 @@ BOOL pdb_getsampwnam (SAM_ACCOUNT *user, const char *sname)
        }
 
        /* get the record */
-       data = tdb_fetch (pwd_tdb, key);
+       data = tdb_fetch(pwd_tdb, key);
        if (!data.dptr) {
                DEBUG(5,("pdb_getsampwnam (TDB): error fetching database.\n"));
                DEBUGADD(5, (" Error: %s\n", tdb_errorstr(pwd_tdb)));
-               tdb_close (pwd_tdb);
+               tdb_close(pwd_tdb);
                return False;
        }
   
        /* unpack the buffer */
-       if (!init_sam_from_buffer (user, data.dptr, data.dsize)) {
+       if (!init_sam_from_buffer(user, data.dptr, data.dsize)) {
                DEBUG(0,("pdb_getsampwent: Bad SAM_ACCOUNT entry returned from TDB!\n"));
                SAFE_FREE(data.dptr);
+               tdb_close(pwd_tdb);
                return False;
        }
        SAFE_FREE(data.dptr);
+
+       /* cleanup */
+       tdb_close(pwd_tdb);
        
        /* validate the account and fill in UNIX uid and gid.  sys_getpwnam()
-          is used instaed of Get_Pwnam() as we do not need to try case
+          is used instead of Get_Pwnam() as we do not need to try case
           permutations */
        if ((pw=sys_getpwnam(pdb_get_username(user)))) {
                uid = pw->pw_uid;
                gid = pw->pw_gid;
-               pdb_set_uid (user, uid);
-               pdb_set_gid (user, gid);
+               pdb_set_uid(user, uid);
+               pdb_set_gid(user, gid);
+       }
+       else {
+               DEBUG(0,("pdb_getsampwent: getpwnam(%s) return NULL.  User does not exist!\n", 
+                         pdb_get_username(user)));
+               return False;
        }
-       
-       /* cleanup */
-       tdb_close (pwd_tdb);
 
        return True;
 }