diff options
| author | Volker Lendecke <vl@samba.org> | 2021-04-14 10:48:04 +0200 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2021-04-19 18:18:31 +0000 |
| commit | 1a696c9ae28453bbf40f14c8f0175664a4ddf3b8 (patch) | |
| tree | ecdf3fb6b2da9109f86a05868506af7661b90191 /source3 | |
| parent | 42906e971d6f19b86e1d2440571df8eebd63dfbd (diff) | |
| download | samba-1a696c9ae28453bbf40f14c8f0175664a4ddf3b8.tar.gz | |
create_local_token: Add error checks
add_sid_to_array_unique() only fails for ENOMEM, and other parts of
the auth stack would probably crash under ENOMEM anyway. But this is
authorization-related code that should be as clean as possible.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Diffstat (limited to 'source3')
| -rw-r--r-- | source3/auth/auth_util.c | 33 |
1 files changed, 24 insertions, 9 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 5a959bf1da8..f7b37e5be63 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -653,20 +653,35 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx, */ uid_to_unix_users_sid(session_info->unix_token->uid, &tmp_sid); - add_sid_to_array_unique(session_info->security_token, &tmp_sid, - &session_info->security_token->sids, - &session_info->security_token->num_sids); + status = add_sid_to_array_unique( + session_info->security_token, + &tmp_sid, + &session_info->security_token->sids, + &session_info->security_token->num_sids); + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } gid_to_unix_groups_sid(session_info->unix_token->gid, &tmp_sid); - add_sid_to_array_unique(session_info->security_token, &tmp_sid, - &session_info->security_token->sids, - &session_info->security_token->num_sids); + status = add_sid_to_array_unique( + session_info->security_token, + &tmp_sid, + &session_info->security_token->sids, + &session_info->security_token->num_sids); + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } for ( i=0; i<session_info->unix_token->ngroups; i++ ) { gid_to_unix_groups_sid(session_info->unix_token->groups[i], &tmp_sid); - add_sid_to_array_unique(session_info->security_token, &tmp_sid, - &session_info->security_token->sids, - &session_info->security_token->num_sids); + status = add_sid_to_array_unique( + session_info->security_token, + &tmp_sid, + &session_info->security_token->sids, + &session_info->security_token->num_sids); + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } } security_token_debug(DBGC_AUTH, 10, session_info->security_token); |