From c377432ddfb2566e733f5476520432d9303980b7 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 1 Feb 2012 17:02:52 +0100 Subject: [PATCH 1/2] s3:auth: fix potential gap creation in wbcsids_to_samr_RidWithAttributeArray() Pair-Programmed-With: Michael Adam metze (cherry picked from commit adbab7710d1fc4ca31469982dae0ee51e6b19896) --- source3/auth/server_info.c | 9 +++++---- 1 files changed, 5 insertions(+), 4 deletions(-) diff --git a/source3/auth/server_info.c b/source3/auth/server_info.c index dc5b15f..61c1dcc 100644 --- a/source3/auth/server_info.c +++ b/source3/auth/server_info.c @@ -529,7 +529,7 @@ static NTSTATUS wbcsids_to_samr_RidWithAttributeArray( const struct wbcSidWithAttr *sids, size_t num_sids) { - unsigned int i; + unsigned int i, j = 0; bool ok; groups->rids = talloc_array(mem_ctx, @@ -542,15 +542,16 @@ static NTSTATUS wbcsids_to_samr_RidWithAttributeArray( for (i = 0; i < num_sids; i++) { ok = sid_peek_check_rid(domain_sid, (const struct dom_sid *)&sids[i].sid, - &groups->rids[i].rid); + &groups->rids[j].rid); if (!ok) continue; - groups->rids[i].attributes = SE_GROUP_MANDATORY | + groups->rids[j].attributes = SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED; - groups->count++; + j++; } + groups->count = j; return NT_STATUS_OK; } -- 1.7.4.1 From 317af1e39a66e006607fd3a45701ffeb686edd19 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 1 Feb 2012 17:04:17 +0100 Subject: [PATCH 2/2] s3:auth: fill the sids array of the info3 in wbcAuthUserInfo_to_netr_SamInfo3() (bug #8739) Originally, only the rid array was filled and foreign domain sids were omitted. Pair-Programmed-With: Michael Adam metze Autobuild-User: Stefan Metzmacher Autobuild-Date: Thu Feb 2 12:59:32 CET 2012 on sn-devel-104 (cherry picked from commit dab7b0e7171edf5b11af154175711e2b972c000b) --- source3/auth/server_info.c | 53 ++++++++++++++++++++++++++++++++++++++++++++ 1 files changed, 53 insertions(+), 0 deletions(-) diff --git a/source3/auth/server_info.c b/source3/auth/server_info.c index 61c1dcc..5b8ae1b 100644 --- a/source3/auth/server_info.c +++ b/source3/auth/server_info.c @@ -555,6 +555,48 @@ static NTSTATUS wbcsids_to_samr_RidWithAttributeArray( return NT_STATUS_OK; } +static NTSTATUS wbcsids_to_netr_SidAttrArray( + const struct dom_sid *domain_sid, + const struct wbcSidWithAttr *sids, + size_t num_sids, + TALLOC_CTX *mem_ctx, + struct netr_SidAttr **_info3_sids, + uint32_t *info3_num_sids) +{ + unsigned int i, j = 0; + struct netr_SidAttr *info3_sids; + + info3_sids = talloc_array(mem_ctx, struct netr_SidAttr, num_sids); + if (info3_sids == NULL) { + return NT_STATUS_NO_MEMORY; + } + + /* a wbcDomainSid is the same as a dom_sid */ + for (i = 0; i < num_sids; i++) { + const struct dom_sid *sid; + + sid = (const struct dom_sid *)&sids[i].sid; + + if (dom_sid_in_domain(domain_sid, sid)) { + continue; + } + + info3_sids[j].sid = dom_sid_dup(info3_sids, sid); + if (info3_sids[j].sid == NULL) { + talloc_free(info3_sids); + return NT_STATUS_NO_MEMORY; + } + info3_sids[j].attributes = SE_GROUP_MANDATORY | + SE_GROUP_ENABLED_BY_DEFAULT | + SE_GROUP_ENABLED; + j++; + } + + *info3_num_sids = j; + *_info3_sids = info3_sids; + return NT_STATUS_OK; +} + struct netr_SamInfo3 *wbcAuthUserInfo_to_netr_SamInfo3(TALLOC_CTX *mem_ctx, const struct wbcAuthUserInfo *info) { @@ -637,6 +679,17 @@ struct netr_SamInfo3 *wbcAuthUserInfo_to_netr_SamInfo3(TALLOC_CTX *mem_ctx, return NULL; } + status = wbcsids_to_netr_SidAttrArray(&domain_sid, + &info->sids[1], + info->num_sids - 1, + info3, + &info3->sids, + &info3->sidcount); + if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(info3); + return NULL; + } + info3->base.user_flags = info->user_flags; memcpy(info3->base.key.key, info->user_session_key, 16); -- 1.7.4.1