Bug 12373 - Micro-Clone in libcli/security/sddl.c
Summary: Micro-Clone in libcli/security/sddl.c
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Other (show other bugs)
Version: unspecified
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Andrew Bartlett
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-10-11 13:01 UTC by Moritz Beller
Modified: 2016-10-14 09:22 UTC (History)
1 user (show)

See Also:


Attachments
Patch for likely solution (1.04 KB, patch)
2016-10-11 13:53 UTC, Moritz Beller
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Moritz Beller 2016-10-11 13:01:31 UTC
Hi,

We found this micro-clone in libcli/security/sddl.c:

	if (ace->type == SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT ||
	    ace->type == SEC_ACE_TYPE_ACCESS_DENIED_OBJECT ||
	    ace->type == SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT ||
	    ace->type == SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT) {

The last two lines are identical. Comparing it to the rest of the file, the last line should probably read as:

	    ace->type == SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT

(Or be removed entirely, which is current behavior)

It would be very helpful to get someone with actual knowledge of the symbols and code to review if this makes sense.
Comment 1 Moritz Beller 2016-10-11 13:53:45 UTC
Created attachment 12563 [details]
Patch for likely solution

Please review
Comment 2 Jeremy Allison 2016-10-11 18:16:40 UTC
Comment on attachment 12563 [details]
Patch for likely solution

This looks correct to me. Can you post this to samba-technical@lists.samba.org with this bug number so we can get it into master and then into the next release ?

Thanks,

Jeremy.
Comment 3 Moritz Beller 2016-10-12 21:54:05 UTC
Done.

Moritz
Comment 4 Moritz Beller 2016-10-14 09:22:18 UTC
Reviewed and pushed.