git.samba.org / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ba17500)
s4:kdc: Check return value of samdb_result_dom_sid()
authorJoseph Sutton <josephsutton@catalyst.net.nz>
Thu, 24 Aug 2023 23:17:24 +0000 (11:17 +1200)
committerAndrew Bartlett <abartlet@samba.org>
Thu, 14 Sep 2023 21:35:29 +0000 (21:35 +0000)
We should not pass a NULL pointer into dom_sid_split_rid().

Unlike samdb_result_dom_sid(), samdb_result_dom_sid_buf() produces an
error code on failure and does not require a heap allocation.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
source4/kdc/pac-glue.c patch | blob | history

diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c
index bb445efe3e009aae4c7520deeb60311c638649ba..5b6b01d1597f64f8c44206a021d9c3bb2f77044b 100644 (file)
--- a/source4/kdc/pac-glue.c
+++ b/source4/kdc/pac-glue.c
@@ -750,7 +750,9 @@ int samba_krbtgt_is_in_db(struct samba_kdc_entry *p,
                          bool *is_trusted)
 {
        NTSTATUS status;
+       krb5_error_code ret;
        int rodc_krbtgt_number, trust_direction;
+       struct dom_sid sid;
        uint32_t rid;
 
        TALLOC_CTX *mem_ctx = talloc_new(NULL);
@@ -774,8 +776,12 @@ int samba_krbtgt_is_in_db(struct samba_kdc_entry *p,
 
        /* The lack of password controls etc applies to krbtgt by
         * virtue of being that particular RID */
-       status = dom_sid_split_rid(NULL, samdb_result_dom_sid(mem_ctx, p->msg, "objectSid"), NULL, &rid);
+       ret = samdb_result_dom_sid_buf(p->msg, "objectSid", &sid);
+       if (ret) {
+               return ret;
+       }
 
+       status = dom_sid_split_rid(NULL, &sid, NULL, &rid);
        if (!NT_STATUS_IS_OK(status)) {
                talloc_free(mem_ctx);
                return map_errno_from_nt_status(status);
Samba Shared Repository