r14278: Remainder of fix for Coverity #79,80,81: only allow GROUP or OWNER to be

specified once in an ACL, so it can be allocated a second time,
overwriting the first
(This used to be commit 1804a8a01ebf3353574a2c5b26a1746b34715737)

diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c
index 8c08e7f2f146ccb1016df7f16d7fedaca555f023..1c34cd32a66acf9d1a1b15913952029200d78abe 100644 (file)
--- a/source3/utils/smbcacls.c
+++ b/source3/utils/smbcacls.c
@@ -392,6 +392,10 @@ static SEC_DESC *sec_desc_parse(char *str)
                }
 
                if (strncmp(tok,"OWNER:", 6) == 0) {
+                       if (owner_sid) {
+                               printf("Only specify owner once\n");
+                               goto done;
+                       }
                        owner_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
                        if (!owner_sid ||
                            !StringToSid(owner_sid, tok+6)) {
@@ -402,6 +406,10 @@ static SEC_DESC *sec_desc_parse(char *str)
                }
 
                if (strncmp(tok,"GROUP:", 6) == 0) {
+                       if (grp_sid) {
+                               printf("Only specify group once\n");
+                               goto done;
+                       }
                        grp_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
                        if (!grp_sid ||
                            !StringToSid(grp_sid, tok+6)) {