From e4ba8fb3b9a6eebe7a56179f67d1aeff64cf1abc Mon Sep 17 00:00:00 2001 From: =?utf8?q?G=C3=BCnther=20Deschner?= Date: Thu, 1 Jul 2010 13:46:55 +0200 Subject: [PATCH] s3-printing: Fix Bug #7541, %D in "printer admin" causing smbd crash. Guenther --- source3/printing/nt_printing.c | 3 ++- source3/rpc_server/srv_spoolss_nt.c | 22 +++++++++++++++------- 2 files changed, 17 insertions(+), 8 deletions(-) diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 657db569741..9ed6461b273 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -5678,7 +5678,8 @@ bool print_access_check(struct auth_serversupplied_info *server_info, int snum, if (!NT_STATUS_IS_OK(status) && (token_contains_name_in_list(uidtoname(server_info->utok.uid), - NULL, NULL, server_info->ptok, + server_info->info3->base.domain.string, + NULL, server_info->ptok, lp_printer_admin(snum)))) { talloc_destroy(mem_ctx); return True; diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 6fd369562ab..c844027382a 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -1567,7 +1567,8 @@ WERROR _spoolss_OpenPrinterEx(pipes_struct *p, &se_printop ) && !token_contains_name_in_list( uidtoname(p->server_info->utok.uid), - NULL, NULL, + p->server_info->info3->base.domain.string, + NULL, p->server_info->ptok, lp_printer_admin(snum))) { close_printer_handle(p, r->out.handle); @@ -1863,8 +1864,10 @@ WERROR _spoolss_DeletePrinterDriver(pipes_struct *p, if ( (p->server_info->utok.uid != sec_initial_uid()) && !user_has_privileges(p->server_info->ptok, &se_printop ) && !token_contains_name_in_list( - uidtoname(p->server_info->utok.uid), NULL, - NULL, p->server_info->ptok, + uidtoname(p->server_info->utok.uid), + p->server_info->info3->base.domain.string, + NULL, + p->server_info->ptok, lp_printer_admin(-1)) ) { return WERR_ACCESS_DENIED; @@ -1962,7 +1965,9 @@ WERROR _spoolss_DeletePrinterDriverEx(pipes_struct *p, if ( (p->server_info->utok.uid != sec_initial_uid()) && !user_has_privileges(p->server_info->ptok, &se_printop ) && !token_contains_name_in_list( - uidtoname(p->server_info->utok.uid), NULL, NULL, + uidtoname(p->server_info->utok.uid), + p->server_info->info3->base.domain.string, + NULL, p->server_info->ptok, lp_printer_admin(-1)) ) { return WERR_ACCESS_DENIED; @@ -7825,7 +7830,8 @@ WERROR _spoolss_AddForm(pipes_struct *p, if ((p->server_info->utok.uid != sec_initial_uid()) && !user_has_privileges(p->server_info->ptok, &se_printop) && !token_contains_name_in_list(uidtoname(p->server_info->utok.uid), - NULL, NULL, + p->server_info->info3->base.domain.string, + NULL, p->server_info->ptok, lp_printer_admin(snum))) { DEBUG(2,("_spoolss_Addform: denied by insufficient permissions.\n")); @@ -7924,7 +7930,8 @@ WERROR _spoolss_DeleteForm(pipes_struct *p, if ((p->server_info->utok.uid != sec_initial_uid()) && !user_has_privileges(p->server_info->ptok, &se_printop) && !token_contains_name_in_list(uidtoname(p->server_info->utok.uid), - NULL, NULL, + p->server_info->info3->base.domain.string, + NULL, p->server_info->ptok, lp_printer_admin(snum))) { DEBUG(2,("_spoolss_DeleteForm: denied by insufficient permissions.\n")); @@ -8007,7 +8014,8 @@ WERROR _spoolss_SetForm(pipes_struct *p, if ((p->server_info->utok.uid != sec_initial_uid()) && !user_has_privileges(p->server_info->ptok, &se_printop) && !token_contains_name_in_list(uidtoname(p->server_info->utok.uid), - NULL, NULL, + p->server_info->info3->base.domain.string, + NULL, p->server_info->ptok, lp_printer_admin(snum))) { DEBUG(2,("_spoolss_Setform: denied by insufficient permissions.\n")); -- 2.34.1