diff options
| author | Volker Lendecke <vl@samba.org> | 2019-03-11 16:55:57 +0100 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2019-03-12 00:42:19 +0000 |
| commit | e18610a197aab80a32cae8c1e09b96496679bbad (patch) | |
| tree | 2868943bc213731d1c8c6ff4afbb1120bf35873d | |
| parent | a27c39c2c9fd3161f5bf3ae5dba687c8d49519ef (diff) | |
| download | samba-e18610a197aab80a32cae8c1e09b96496679bbad.tar.gz | |
lib: Make sid_parse return the parsed length
Use a temporary struct as a return value to make the compiler catch all
callers. If we just changed bool->ssize_t, this would just generate a
warning. struct sid_parse_ret will go away in the next commit
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
| -rw-r--r-- | libcli/security/dom_sid.h | 4 | ||||
| -rw-r--r-- | libcli/security/util_sid.c | 7 | ||||
| -rw-r--r-- | source3/lib/smbldap.c | 4 | ||||
| -rw-r--r-- | source3/lib/tldap_util.c | 4 | ||||
| -rw-r--r-- | source3/libads/ldap.c | 14 | ||||
| -rw-r--r-- | source3/modules/vfs_default.c | 4 | ||||
| -rw-r--r-- | source3/torture/torture.c | 10 | ||||
| -rw-r--r-- | source4/dsdb/common/util.c | 13 | ||||
| -rw-r--r-- | source4/torture/unix/whoami.c | 26 |
9 files changed, 54 insertions, 32 deletions
diff --git a/libcli/security/dom_sid.h b/libcli/security/dom_sid.h index abaf305f96a..bc66280291b 100644 --- a/libcli/security/dom_sid.h +++ b/libcli/security/dom_sid.h @@ -112,7 +112,9 @@ bool sid_split_rid(struct dom_sid *sid, uint32_t *rid); bool sid_peek_rid(const struct dom_sid *sid, uint32_t *rid); bool sid_peek_check_rid(const struct dom_sid *exp_dom_sid, const struct dom_sid *sid, uint32_t *rid); void sid_copy(struct dom_sid *dst, const struct dom_sid *src); -bool sid_parse(const uint8_t *inbuf, size_t len, struct dom_sid *sid); +struct sid_parse_ret { ssize_t len; }; +struct sid_parse_ret sid_parse( + const uint8_t *inbuf, size_t len, struct dom_sid *sid); int sid_compare_domain(const struct dom_sid *sid1, const struct dom_sid *sid2); NTSTATUS add_sid_to_array(TALLOC_CTX *mem_ctx, const struct dom_sid *sid, struct dom_sid **sids, uint32_t *num); diff --git a/libcli/security/util_sid.c b/libcli/security/util_sid.c index 531d3809565..4a186d69cda 100644 --- a/libcli/security/util_sid.c +++ b/libcli/security/util_sid.c @@ -300,7 +300,8 @@ void sid_copy(struct dom_sid *dst, const struct dom_sid *src) Parse a on-the-wire SID to a struct dom_sid. *****************************************************************/ -bool sid_parse(const uint8_t *inbuf, size_t len, struct dom_sid *sid) +struct sid_parse_ret sid_parse( + const uint8_t *inbuf, size_t len, struct dom_sid *sid) { DATA_BLOB in = data_blob_const(inbuf, len); enum ndr_err_code ndr_err; @@ -308,9 +309,9 @@ bool sid_parse(const uint8_t *inbuf, size_t len, struct dom_sid *sid) ndr_err = ndr_pull_struct_blob_all( &in, NULL, sid, (ndr_pull_flags_fn_t)ndr_pull_dom_sid); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return false; + return (struct sid_parse_ret) { .len = -1 }; } - return true; + return (struct sid_parse_ret) { .len = ndr_size_dom_sid(sid, 0) }; } /***************************************************************** diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c index 5a67ab79058..cdd350fffa1 100644 --- a/source3/lib/smbldap.c +++ b/source3/lib/smbldap.c @@ -278,7 +278,7 @@ void smbldap_set_bind_callback(struct smbldap_state *state, struct dom_sid *sid) { DATA_BLOB blob; - bool ret; + struct sid_parse_ret ret; if (!smbldap_talloc_single_blob(talloc_tos(), ld, msg, attrib, &blob)) { @@ -286,7 +286,7 @@ void smbldap_set_bind_callback(struct smbldap_state *state, } ret = sid_parse(blob.data, blob.length, sid); TALLOC_FREE(blob.data); - return ret; + return (ret.len != -1); } static int ldapmsg_destructor(LDAPMessage **result) { diff --git a/source3/lib/tldap_util.c b/source3/lib/tldap_util.c index 3938fca901f..efc37e48e7c 100644 --- a/source3/lib/tldap_util.c +++ b/source3/lib/tldap_util.c @@ -88,11 +88,13 @@ bool tldap_pull_binsid(struct tldap_message *msg, const char *attribute, struct dom_sid *sid) { DATA_BLOB val; + struct sid_parse_ret ret; if (!tldap_get_single_valueblob(msg, attribute, &val)) { return false; } - return sid_parse(val.data, val.length, sid); + ret = sid_parse(val.data, val.length, sid); + return (ret.len != -1); } bool tldap_pull_guid(struct tldap_message *msg, const char *attribute, diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 728c821f32d..8e0ecb87569 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -2264,10 +2264,12 @@ static void dump_sid(ADS_STRUCT *ads, const char *field, struct berval **values) { int i; for (i=0; values[i]; i++) { + struct sid_parse_ret ret; struct dom_sid sid; struct dom_sid_buf tmp; - if (!sid_parse((const uint8_t *)values[i]->bv_val, - values[i]->bv_len, &sid)) { + ret = sid_parse((const uint8_t *)values[i]->bv_val, + values[i]->bv_len, &sid); + if (ret.len == -1) { return; } printf("%s: %s\n", field, dom_sid_str_buf(&sid, &tmp)); @@ -2773,7 +2775,6 @@ int ads_count_replies(ADS_STRUCT *ads, void *res) LDAPMessage *msg, const char *field, struct dom_sid **sids) { struct berval **values; - bool ret; int count, i; values = ldap_get_values_len(ads->ldap.ld, msg, field); @@ -2796,9 +2797,10 @@ int ads_count_replies(ADS_STRUCT *ads, void *res) count = 0; for (i=0; values[i]; i++) { + struct sid_parse_ret ret; ret = sid_parse((const uint8_t *)values[i]->bv_val, values[i]->bv_len, &(*sids)[count]); - if (ret) { + if (ret.len != -1) { struct dom_sid_buf buf; DBG_DEBUG("pulling SID: %s\n", dom_sid_str_buf(&(*sids)[count], &buf)); @@ -3356,6 +3358,7 @@ ADS_STATUS ads_get_sid_from_extended_dn(TALLOC_CTX *mem_ctx, } break; case ADS_EXTENDED_DN_HEX_STRING: { + struct sid_parse_ret ret; fstring buf; size_t buf_len; @@ -3364,7 +3367,8 @@ ADS_STATUS ads_get_sid_from_extended_dn(TALLOC_CTX *mem_ctx, return ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER); } - if (!sid_parse((const uint8_t *)buf, buf_len, sid)) { + ret = sid_parse((const uint8_t *)buf, buf_len, sid); + if (ret.len == -1) { DEBUG(10,("failed to parse sid\n")); return ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER); } diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c index 1ed2c810667..7ce3775e54f 100644 --- a/source3/modules/vfs_default.c +++ b/source3/modules/vfs_default.c @@ -1355,6 +1355,7 @@ static NTSTATUS vfswrap_fsctl(struct vfs_handle_struct *handle, * * but I have to check that --metze */ + struct sid_parse_ret ret; struct dom_sid sid; struct dom_sid_buf buf; uid_t uid; @@ -1373,7 +1374,8 @@ static NTSTATUS vfswrap_fsctl(struct vfs_handle_struct *handle, /* unknown 4 bytes: this is not the length of the sid :-( */ /*unknown = IVAL(pdata,0);*/ - if (!sid_parse(_in_data + 4, sid_len, &sid)) { + ret = sid_parse(_in_data + 4, sid_len, &sid); + if (ret.len == -1) { return NT_STATUS_INVALID_PARAMETER; } DEBUGADD(10, ("for SID: %s\n", diff --git a/source3/torture/torture.c b/source3/torture/torture.c index 3df5e409c57..7a209859b3f 100644 --- a/source3/torture/torture.c +++ b/source3/torture/torture.c @@ -10878,6 +10878,7 @@ static bool run_local_sid_to_string(int dummy) { } static bool run_local_binary_to_sid(int dummy) { + struct sid_parse_ret ret; struct dom_sid *sid = talloc(NULL, struct dom_sid); static const uint8_t good_binary_sid[] = { 0x1, /* revision number */ @@ -10962,13 +10963,16 @@ static bool run_local_binary_to_sid(int dummy) { 0x1, 0x1, 0x1, 0x1, /* auth[31] */ }; - if (!sid_parse(good_binary_sid, sizeof(good_binary_sid), sid)) { + ret = sid_parse(good_binary_sid, sizeof(good_binary_sid), sid); + if (ret.len == -1) { return false; } - if (sid_parse(long_binary_sid2, sizeof(long_binary_sid2), sid)) { + ret = sid_parse(long_binary_sid2, sizeof(long_binary_sid2), sid); + if (ret.len != -1) { return false; } - if (sid_parse(long_binary_sid, sizeof(long_binary_sid), sid)) { + ret = sid_parse(long_binary_sid, sizeof(long_binary_sid), sid); + if (ret.len != -1) { return false; } return true; diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c index 7cc9729bc3f..411d1dd22b0 100644 --- a/source4/dsdb/common/util.c +++ b/source4/dsdb/common/util.c @@ -342,7 +342,7 @@ uint32_t samdb_result_rid_from_sid(TALLOC_CTX *mem_ctx, const struct ldb_message struct dom_sid *samdb_result_dom_sid(TALLOC_CTX *mem_ctx, const struct ldb_message *msg, const char *attr) { - bool ok; + struct sid_parse_ret ret; const struct ldb_val *v; struct dom_sid *sid; v = ldb_msg_find_ldb_val(msg, attr); @@ -353,8 +353,8 @@ struct dom_sid *samdb_result_dom_sid(TALLOC_CTX *mem_ctx, const struct ldb_messa if (sid == NULL) { return NULL; } - ok = sid_parse(v->data, v->length, sid); - if (!ok) { + ret = sid_parse(v->data, v->length, sid); + if (ret.len == -1) { talloc_free(sid); return NULL; } @@ -5809,7 +5809,8 @@ static int dsdb_count_domain_callback( case LDB_REPLY_ENTRY: { struct dsdb_count_domain_context *context = NULL; - bool ok, in_domain; + struct sid_parse_ret ret; + bool in_domain; struct dom_sid sid; const struct ldb_val *v; @@ -5824,8 +5825,8 @@ static int dsdb_count_domain_callback( break; } - ok = sid_parse(v->data, v->length, &sid); - if (!ok) { + ret = sid_parse(v->data, v->length, &sid); + if (ret.len == -1) { break; } diff --git a/source4/torture/unix/whoami.c b/source4/torture/unix/whoami.c index efd9efaab57..f554c9e1711 100644 --- a/source4/torture/unix/whoami.c +++ b/source4/torture/unix/whoami.c @@ -303,11 +303,13 @@ static bool test_against_ldap(struct torture_context *torture, struct ldb_contex for (i = 0; i < el->num_values; i++) { struct dom_sid *sid = talloc(torture, struct dom_sid); + struct sid_parse_ret ret; torture_assert(torture, sid != NULL, "talloc failed"); - + + ret = sid_parse(el->values[i].data, + el->values[i].length, sid); torture_assert(torture, - sid_parse(el->values[i].data, - el->values[i].length, sid), + ret.len != -1, "sid parse failed"); torture_assert_str_equal(torture, dom_sid_string(sid, sid), dom_sid_string(sid, whoami->sid_list[i]), "SID from LDAP and SID from CIFS does not match!"); talloc_free(sid); @@ -318,20 +320,24 @@ static bool test_against_ldap(struct torture_context *torture, struct ldb_contex struct dom_sid *dom_sid = talloc(torture, struct dom_sid); struct dom_sid *dc_sids = talloc_array(torture, struct dom_sid, el->num_values); struct dom_sid *member_sids = talloc_array(torture, struct dom_sid, whoami->num_sids); + struct sid_parse_ret ret; torture_assert(torture, user_sid != NULL, "talloc failed"); - torture_assert(torture, sid_parse(el->values[0].data, - el->values[0].length, - user_sid), + ret = sid_parse(el->values[0].data, + el->values[0].length, + user_sid); + torture_assert(torture, + ret.len != -1, "sid parse failed"); torture_assert_ntstatus_equal(torture, dom_sid_split_rid(torture, user_sid, &dom_sid, NULL), NT_STATUS_OK, "failed to split domain SID from user SID"); for (i = 0; i < el->num_values; i++) { struct dom_sid *sid = talloc(dc_sids, struct dom_sid); torture_assert(torture, sid != NULL, "talloc failed"); - + + ret = sid_parse(el->values[i].data, + el->values[i].length, + sid); torture_assert(torture, - sid_parse(el->values[i].data, - el->values[i].length, - sid), + ret.len != -1, "sid parse failed"); if (dom_sid_in_domain(dom_sid, sid)) { dc_sids[num_domain_sids_dc] = *sid; |