r14675: Protect against null sids and rids in the cached credentials functions.

author Günther Deschner <gd@samba.org>

Thu, 23 Mar 2006 13:22:54 +0000 (13:22 +0000)

committer Gerald (Jerry) Carter <jerry@samba.org>

Wed, 10 Oct 2007 16:15:43 +0000 (11:15 -0500)
author Günther Deschner <gd@samba.org>
Thu, 23 Mar 2006 13:22:54 +0000 (13:22 +0000)
committer Gerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 16:15:43 +0000 (11:15 -0500)
diff --git a/source3/nsswitch/winbindd_cache.c b/source3/nsswitch/winbindd_cache.c

index 12592178d97068655e5667555a5eb0c22b7828c2..f96f03290daaf0ecb3d939732076eb6ea7c8eab2 100644 (file)
--- a/source3/nsswitch/winbindd_cache.c
+++ b/source3/nsswitch/winbindd_cache.c
@@ -800,11 +800,20 @@ NTSTATUS wcache_cached_creds_exist(struct winbindd_domain *domain, const DOM_SID
         struct winbind_cache *cache = get_cache(domain);
         TDB_DATA data;
         fstring key_str;
+       uint32 rid;
  
         if (!cache->tdb) {
                 return NT_STATUS_INTERNAL_DB_ERROR;
         }
  
+       if (is_null_sid(sid)) {
+               return NT_STATUS_INVALID_SID;
+       }
+
+       if (!(sid_peek_rid(sid, &rid)) || (rid == 0)) {
+               return NT_STATUS_INVALID_SID;
+       }
+
         fstr_sprintf(key_str, "CRED/%s", sid_string_static(sid));
  
         data = tdb_fetch(cache->tdb, make_tdb_data(key_str, strlen(key_str)));
@@ -825,11 +834,20 @@ NTSTATUS wcache_get_creds(struct winbindd_domain *domain,
         struct cache_entry *centry = NULL;
         NTSTATUS status;
         time_t t;
+       uint32 rid;
  
         if (!cache->tdb) {
                 return NT_STATUS_INTERNAL_DB_ERROR;
         }
  
+       if (is_null_sid(sid)) {
+               return NT_STATUS_INVALID_SID;
+       }
+
+       if (!(sid_peek_rid(sid, &rid)) || (rid == 0)) {
+               return NT_STATUS_INVALID_SID;
+       }
+
         centry = wcache_fetch(cache, domain, "CRED/%s", sid_string_static(sid));
         
         if (!centry) {
@@ -860,9 +878,17 @@ NTSTATUS wcache_save_creds(struct winbindd_domain *domain,
  {
         struct cache_entry *centry;
         fstring sid_string;
-       NTSTATUS status = NT_STATUS_OK; /* ??? */
+       uint32 rid;
  
-       centry = centry_start(domain, status);
+       if (is_null_sid(sid)) {
+               return NT_STATUS_INVALID_SID;
+       }
+
+       if (!(sid_peek_rid(sid, &rid)) || (rid == 0)) {
+               return NT_STATUS_INVALID_SID;
+       }
+
+       centry = centry_start(domain, NT_STATUS_OK);
         if (!centry) {
                 return NT_STATUS_INTERNAL_DB_ERROR;
         }
author	Günther Deschner <gd@samba.org>
	Thu, 23 Mar 2006 13:22:54 +0000 (13:22 +0000)
committer	Gerald (Jerry) Carter <jerry@samba.org>
	Wed, 10 Oct 2007 16:15:43 +0000 (11:15 -0500)