Share options like "force group" and "valid users = @group1"
triggered a NT_STATUS_NO_SUCH_GROUP. While the group was found in
the SAM backend, its objectclass was not retrived.
This fix also revealed a talloc access after free in the group
branch of pdb_samba_dsdb_getgrfilter.
[Bug 9570] Access failure for shares with "force group" or "valid users = @group"
https://bugzilla.samba.org/show_bug.cgi?id=9570
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
{
struct pdb_samba_dsdb_state *state = talloc_get_type_abort(
m->private_data, struct pdb_samba_dsdb_state);
- const char *attrs[] = { "objectSid", "description", "samAccountName", "groupType",
+ const char *attrs[] = { "objectClass", "objectSid", "description", "samAccountName", "groupType",
NULL };
struct ldb_message *msg;
va_list ap;
id_maps[1] = NULL;
status = idmap_sids_to_xids(state->idmap_ctx, tmp_ctx, id_maps);
- talloc_free(tmp_ctx);
+
if (!NT_STATUS_IS_OK(status)) {
talloc_free(tmp_ctx);
return status;