From 7f44432fb0b17c1c7cdda3d56c2cc132d25d9397 Mon Sep 17 00:00:00 2001 From: Arvid Requate Date: Thu, 17 Jan 2013 16:44:28 +0100 Subject: [PATCH 1/2] passdb: fix NT_STATUS_NO_SUCH_GROUP Share options like "force group" and "valid users = @group1" triggered a NT_STATUS_NO_SUCH_GROUP. While the group was found in the SAM backend, its objectclass was not retrived. This fix also revealed a talloc access after free in the group branch of pdb_samba_dsdb_getgrfilter. [Bug 9570] Access failure for shares with "force group" or "valid users = @group" https://bugzilla.samba.org/show_bug.cgi?id=9570 Reviewed-by: Stefan Metzmacher Reviewed-by: Jeremy Allison --- source3/passdb/pdb_samba_dsdb.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source3/passdb/pdb_samba_dsdb.c b/source3/passdb/pdb_samba_dsdb.c index 87320e8..7d7bd8d 100644 --- a/source3/passdb/pdb_samba_dsdb.c +++ b/source3/passdb/pdb_samba_dsdb.c @@ -885,7 +885,7 @@ static NTSTATUS pdb_samba_dsdb_getgrfilter(struct pdb_methods *m, GROUP_MAP *map { struct pdb_samba_dsdb_state *state = talloc_get_type_abort( m->private_data, struct pdb_samba_dsdb_state); - const char *attrs[] = { "objectSid", "description", "samAccountName", "groupType", + const char *attrs[] = { "objectClass", "objectSid", "description", "samAccountName", "groupType", NULL }; struct ldb_message *msg; va_list ap; @@ -950,7 +950,7 @@ static NTSTATUS pdb_samba_dsdb_getgrfilter(struct pdb_methods *m, GROUP_MAP *map id_maps[1] = NULL; status = idmap_sids_to_xids(state->idmap_ctx, tmp_ctx, id_maps); - talloc_free(tmp_ctx); + if (!NT_STATUS_IS_OK(status)) { talloc_free(tmp_ctx); return status; -- 2.1.0.rc2.206.gedb03e5