The branch, master has been updated
via 2b44c85 s3-libads: Use the IP instead of the name.
via 6030fac s3-auth: Steal the memory to avoid duplication.
via 4081c29 s3-auth: Do not leak tmp_ctx if make_server_info() fails.
via cf73692 s3-auth: Make is_null_sid() check easier to read.
from 48ffca0 CVE-2013-4496:Revert remainder of
ce895609b04380bfc41e4f8fddc84bd2f9324340
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 2b44c85c7b322b392c8d3d0f393171ca54bb5f47
Author: Bjoern Baumbach <[email protected]>
Date: Mon Mar 10 13:59:15 2014 +0100
s3-libads: Use the IP instead of the name.
Thix fixes 'net rpc join' against ADS.
Signed-off-by: Bjoern Baumbach <[email protected]>
Reviewed-by: Andreas Schneider <[email protected]>
Reviewed-by: Guenther Deschner <[email protected]>
Autobuild-User(master): Günther Deschner <[email protected]>
Autobuild-Date(master): Thu Mar 13 17:06:00 CET 2014 on sn-devel-104
commit 6030fac3d15ad851b8786509c402c68f12dfd653
Author: Andreas Schneider <[email protected]>
Date: Fri Feb 28 17:16:27 2014 +0100
s3-auth: Steal the memory to avoid duplication.
Signed-off-by: Andreas Schneider <[email protected]>
Reviewed-by: Guenther Deschner <[email protected]>
commit 4081c29d3bb5c21daa70dd498aa709e335bcd524
Author: Andreas Schneider <[email protected]>
Date: Fri Feb 28 17:15:40 2014 +0100
s3-auth: Do not leak tmp_ctx if make_server_info() fails.
Signed-off-by: Andreas Schneider <[email protected]>
Reviewed-by: Guenther Deschner <[email protected]>
commit cf73692f96d0ab7d2722695d02e4eceb1358574b
Author: Simo Sorce <[email protected]>
Date: Fri Feb 28 16:57:23 2014 +0100
s3-auth: Make is_null_sid() check easier to read.
Signed-off-by: Simo Sorce <[email protected]>
Reviewed-by: Andreas Schneider <[email protected]>
Reviewed-by: Guenther Deschner <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
source3/auth/server_info.c | 5 +++--
source3/auth/server_info_sam.c | 9 +++------
source3/libads/ldap.c | 2 +-
3 files changed, 7 insertions(+), 9 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/auth/server_info.c b/source3/auth/server_info.c
index 43711d5..c363f44 100644
--- a/source3/auth/server_info.c
+++ b/source3/auth/server_info.c
@@ -453,6 +453,7 @@ NTSTATUS passwd_to_SamInfo3(TALLOC_CTX *mem_ctx,
enum lsa_SidType type;
uint32_t num_sids = 0;
struct dom_sid *user_sids = NULL;
+ bool is_null;
bool ok;
tmp_ctx = talloc_stackframe();
@@ -514,8 +515,8 @@ NTSTATUS passwd_to_SamInfo3(TALLOC_CTX *mem_ctx,
}
/* Make sure we have a valid group sid */
- ok = !is_null_sid(&group_sid);
- if (!ok) {
+ is_null = is_null_sid(&group_sid);
+ if (is_null) {
status = NT_STATUS_NO_SUCH_USER;
goto done;
}
diff --git a/source3/auth/server_info_sam.c b/source3/auth/server_info_sam.c
index 47087b1..fef60c2 100644
--- a/source3/auth/server_info_sam.c
+++ b/source3/auth/server_info_sam.c
@@ -75,7 +75,8 @@ NTSTATUS make_server_info_sam(TALLOC_CTX *mem_ctx,
server_info = make_server_info(tmp_ctx);
if (server_info == NULL) {
- return NT_STATUS_NO_MEMORY;
+ status = NT_STATUS_NO_MEMORY;
+ goto out;
}
pwd = Get_Pwnam_alloc(tmp_ctx, username);
@@ -95,11 +96,7 @@ NTSTATUS make_server_info_sam(TALLOC_CTX *mem_ctx,
goto out;
}
- server_info->unix_name = talloc_strdup(server_info, pwd->pw_name);
- if (server_info->unix_name == NULL) {
- status = NT_STATUS_NO_MEMORY;
- goto out;
- }
+ server_info->unix_name = talloc_steal(server_info, pwd->pw_name);
server_info->utok.gid = pwd->pw_gid;
server_info->utok.uid = pwd->pw_uid;
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index 10ac8fc..f0f9d4c 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -710,7 +710,7 @@ got_connection:
/* Otherwise setup the TCP LDAP session */
- ads->ldap.ld = ldap_open_with_timeout(ads->config.ldap_server_name,
+ ads->ldap.ld = ldap_open_with_timeout(addr,
&ads->ldap.ss,
ads->ldap.port,
lp_ldap_timeout());
if (ads->ldap.ld == NULL) {
--
Samba Shared Repository
