Bug 12373 - Micro-Clone in libcli/security/sddl.c
Micro-Clone in libcli/security/sddl.c
Status: RESOLVED FIXED
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Other
unspecified
All All
: P5 normal
: ---
Assigned To: Andrew Bartlett
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-10-11 13:01 UTC by Moritz Beller
Modified: 2016-10-14 09:22 UTC (History)
1 user (show)

See Also:


Attachments
Patch for likely solution (1.04 KB, patch)
2016-10-11 13:53 UTC, Moritz Beller
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Moritz Beller 2016-10-11 13:01:31 UTC
Hi,

We found this micro-clone in libcli/security/sddl.c:

	if (ace->type == SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT ||
	    ace->type == SEC_ACE_TYPE_ACCESS_DENIED_OBJECT ||
	    ace->type == SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT ||
	    ace->type == SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT) {

The last two lines are identical. Comparing it to the rest of the file, the last line should probably read as:

	    ace->type == SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT

(Or be removed entirely, which is current behavior)

It would be very helpful to get someone with actual knowledge of the symbols and code to review if this makes sense.
Comment 1 Moritz Beller 2016-10-11 13:53:45 UTC
Created attachment 12563 [details]
Patch for likely solution

Please review
Comment 2 Jeremy Allison 2016-10-11 18:16:40 UTC
Comment on attachment 12563 [details]
Patch for likely solution

This looks correct to me. Can you post this to samba-technical@lists.samba.org with this bug number so we can get it into master and then into the next release ?

Thanks,

Jeremy.
Comment 3 Moritz Beller 2016-10-12 21:54:05 UTC
Done.

Moritz
Comment 4 Moritz Beller 2016-10-14 09:22:18 UTC
Reviewed and pushed.