r5458: Generate a sane response to exceeding lookupsids limit. Truncate list to...

and return NT_STATUS_NONE_MAPPED.  This does not crash windows and maintains
the benefit of not overallocating memory.  The previous response of
truncating to the MAX limit was not useful because it crashed lsass.exe on
windows (bug opened with MS), and it was also misleading the client to
believe that a complete answer was received.
(This used to be commit c03a93957404663bbd026668fb95d6c253524fe9)

diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index b4c8e033ff1195f82d7ee4e41846e5234b30e204..225e5efd54c5881c740aeae75e5f971bc957ac3d 100644 (file)
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -647,8 +647,9 @@ NTSTATUS _lsa_lookup_sids(pipes_struct *p, LSA_Q_LOOKUP_SIDS *q_u, LSA_R_LOOKUP_
        uint32 mapped_count = 0;
 
        if (num_entries >  MAX_LOOKUP_SIDS) {
-               num_entries = MAX_LOOKUP_SIDS;
-               DEBUG(5,("_lsa_lookup_sids: truncating SID lookup list to %d\n", num_entries));
+               num_entries = 0;
+               DEBUG(5,("_lsa_lookup_sids: limit of %d exceeded, truncating SID lookup list to %d\n", MAX_LOOKUP_SIDS, num_entries));
+               r_u->status = NT_STATUS_NONE_MAPPED;
        }
 
        ref = TALLOC_ZERO_P(p->mem_ctx, DOM_R_REF);