diff options
author | Andrew Bartlett <abartlet@samba.org> | 2014-05-13 17:47:03 +1200 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2014-06-11 10:18:26 +0200 |
commit | cda32d4e47aa3efb040eb60f1a0332ea8dd58417 (patch) | |
tree | 8132a1b61a721af132965ce267d0234dbccbe151 /source3/passdb/machine_account_secrets.c | |
parent | 6da8126a115419587672d16e2440c322a837da6b (diff) | |
download | samba-cda32d4e47aa3efb040eb60f1a0332ea8dd58417.tar.gz samba-cda32d4e47aa3efb040eb60f1a0332ea8dd58417.tar.xz samba-cda32d4e47aa3efb040eb60f1a0332ea8dd58417.zip |
passdb: Do not routinely clear the global memory returned by get_global_sam_sid()
This avoids use-after-free errors and tdb database churn.
Andrew Bartlett
Change-Id: If7ab2e24556d9dffc7ad22c0489d665dd75a0cab
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Diffstat (limited to 'source3/passdb/machine_account_secrets.c')
-rw-r--r-- | source3/passdb/machine_account_secrets.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/source3/passdb/machine_account_secrets.c b/source3/passdb/machine_account_secrets.c index 5758efe819..4e35a72638 100644 --- a/source3/passdb/machine_account_secrets.c +++ b/source3/passdb/machine_account_secrets.c @@ -29,6 +29,7 @@ #include "dbwrap/dbwrap.h" #include "../librpc/ndr/libndr.h" #include "util_tdb.h" +#include "libcli/security/security.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_PASSDB @@ -106,9 +107,12 @@ bool secrets_store_domain_sid(const char *domain, const struct dom_sid *sid) ret = secrets_store(domain_sid_keystr(domain), sid, sizeof(struct dom_sid )); - /* Force a re-query, in case we modified our domain */ - if (ret) - reset_global_sam_sid(); + /* Force a re-query, in the case where we modified our domain */ + if (ret) { + if (dom_sid_equal(get_global_sam_sid(), sid) == false) { + reset_global_sam_sid(); + } + } return ret; } |