summaryrefslogtreecommitdiffstats
path: root/source4/auth
diff options
context:
space:
mode:
Diffstat (limited to 'source4/auth')
-rw-r--r--source4/auth/sam.c50
-rw-r--r--source4/auth/session.c45
2 files changed, 76 insertions, 19 deletions
diff --git a/source4/auth/sam.c b/source4/auth/sam.c
index 767e44c45d..1b563ee115 100644
--- a/source4/auth/sam.c
+++ b/source4/auth/sam.c
@@ -298,15 +298,24 @@ _PUBLIC_ NTSTATUS authsam_make_user_info_dc(TALLOC_CTX *mem_ctx,
NT_STATUS_HAVE_NO_MEMORY(user_info_dc);
tmp_ctx = talloc_new(user_info_dc);
- NT_STATUS_HAVE_NO_MEMORY_AND_FREE(user_info_dc, user_info_dc);
+ if (user_info_dc == NULL) {
+ TALLOC_FREE(user_info_dc);
+ return NT_STATUS_NO_MEMORY;
+ }
sids = talloc_array(user_info_dc, struct dom_sid, 2);
- NT_STATUS_HAVE_NO_MEMORY_AND_FREE(sids, user_info_dc);
+ if (sids == NULL) {
+ TALLOC_FREE(user_info_dc);
+ return NT_STATUS_NO_MEMORY;
+ }
num_sids = 2;
account_sid = samdb_result_dom_sid(user_info_dc, msg, "objectSid");
- NT_STATUS_HAVE_NO_MEMORY_AND_FREE(account_sid, user_info_dc);
+ if (account_sid == NULL) {
+ TALLOC_FREE(user_info_dc);
+ return NT_STATUS_NO_MEMORY;
+ }
status = dom_sid_split_rid(tmp_ctx, account_sid, &domain_sid, NULL);
if (!NT_STATUS_IS_OK(status)) {
@@ -322,13 +331,22 @@ _PUBLIC_ NTSTATUS authsam_make_user_info_dc(TALLOC_CTX *mem_ctx,
* for builtin groups later, and not include them in the PAC
* on SamLogon validation info */
filter = talloc_asprintf(tmp_ctx, "(&(objectClass=group)(!(groupType:1.2.840.113556.1.4.803:=%u))(groupType:1.2.840.113556.1.4.803:=%u))", GROUP_TYPE_BUILTIN_LOCAL_GROUP, GROUP_TYPE_SECURITY_ENABLED);
- NT_STATUS_HAVE_NO_MEMORY_AND_FREE(filter, user_info_dc);
+ if (filter == NULL) {
+ TALLOC_FREE(user_info_dc);
+ return NT_STATUS_NO_MEMORY;
+ }
primary_group_string = dom_sid_string(tmp_ctx, &sids[PRIMARY_GROUP_SID_INDEX]);
- NT_STATUS_HAVE_NO_MEMORY_AND_FREE(primary_group_string, user_info_dc);
+ if (primary_group_string == NULL) {
+ TALLOC_FREE(user_info_dc);
+ return NT_STATUS_NO_MEMORY;
+ }
primary_group_dn = talloc_asprintf(tmp_ctx, "<SID=%s>", primary_group_string);
- NT_STATUS_HAVE_NO_MEMORY_AND_FREE(primary_group_dn, user_info_dc);
+ if (primary_group_dn == NULL) {
+ TALLOC_FREE(user_info_dc);
+ return NT_STATUS_NO_MEMORY;
+ }
primary_group_blob = data_blob_string_const(primary_group_dn);
@@ -377,7 +395,10 @@ _PUBLIC_ NTSTATUS authsam_make_user_info_dc(TALLOC_CTX *mem_ctx,
str = ldb_msg_find_attr_as_string(msg, "displayName", "");
info->full_name = talloc_strdup(info, str);
- NT_STATUS_HAVE_NO_MEMORY_AND_FREE(info->full_name, user_info_dc);
+ if (info->full_name == NULL) {
+ TALLOC_FREE(user_info_dc);
+ return NT_STATUS_NO_MEMORY;
+ }
str = ldb_msg_find_attr_as_string(msg, "scriptPath", "");
info->logon_script = talloc_strdup(info, str);
@@ -396,7 +417,10 @@ _PUBLIC_ NTSTATUS authsam_make_user_info_dc(TALLOC_CTX *mem_ctx,
str = ldb_msg_find_attr_as_string(msg, "homeDrive", "");
info->home_drive = talloc_strdup(info, str);
- NT_STATUS_HAVE_NO_MEMORY_AND_FREE(info->home_drive, user_info_dc);
+ if (info->home_drive == NULL) {
+ TALLOC_FREE(user_info_dc);
+ return NT_STATUS_NO_MEMORY;
+ }
info->logon_server = talloc_strdup(info, netbios_name);
NT_STATUS_HAVE_NO_MEMORY_AND_FREE(info->logon_server,
@@ -442,7 +466,10 @@ _PUBLIC_ NTSTATUS authsam_make_user_info_dc(TALLOC_CTX *mem_ctx,
user_info_dc->sids,
struct dom_sid,
user_info_dc->num_sids+1);
- NT_STATUS_HAVE_NO_MEMORY_AND_FREE(user_info_dc->sids, user_info_dc);
+ if (user_info_dc->sids == NULL) {
+ TALLOC_FREE(user_info_dc);
+ return NT_STATUS_NO_MEMORY;
+ }
user_info_dc->sids[user_info_dc->num_sids] = global_sid_Enterprise_DCs;
user_info_dc->num_sids++;
}
@@ -454,7 +481,10 @@ _PUBLIC_ NTSTATUS authsam_make_user_info_dc(TALLOC_CTX *mem_ctx,
user_info_dc->sids,
struct dom_sid,
user_info_dc->num_sids+1);
- NT_STATUS_HAVE_NO_MEMORY_AND_FREE(user_info_dc->sids, user_info_dc);
+ if (user_info_dc->sids == NULL) {
+ TALLOC_FREE(user_info_dc);
+ return NT_STATUS_NO_MEMORY;
+ }
user_info_dc->sids[user_info_dc->num_sids] = *domain_sid;
sid_append_rid(&user_info_dc->sids[user_info_dc->num_sids],
DOMAIN_RID_ENTERPRISE_READONLY_DCS);
diff --git a/source4/auth/session.c b/source4/auth/session.c
index 1c0583e9f9..11f2766bc1 100644
--- a/source4/auth/session.c
+++ b/source4/auth/session.c
@@ -66,31 +66,52 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
session_info = talloc_zero(tmp_ctx, struct auth_session_info);
- NT_STATUS_HAVE_NO_MEMORY_AND_FREE(session_info, tmp_ctx);
+ if (session_info == NULL) {
+ TALLOC_FREE(tmp_ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
session_info->info = talloc_reference(session_info, user_info_dc->info);
session_info->torture = talloc_zero(session_info, struct auth_user_info_torture);
- NT_STATUS_HAVE_NO_MEMORY_AND_FREE(session_info->torture, tmp_ctx);
+ if (session_info->torture == NULL) {
+ TALLOC_FREE(tmp_ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
session_info->torture->num_dc_sids = user_info_dc->num_sids;
session_info->torture->dc_sids = talloc_reference(session_info, user_info_dc->sids);
- NT_STATUS_HAVE_NO_MEMORY_AND_FREE(session_info->torture->dc_sids, tmp_ctx);
+ if (session_info->torture->dc_sids == NULL) {
+ TALLOC_FREE(tmp_ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
/* unless set otherwise, the session key is the user session
* key from the auth subsystem */
session_info->session_key = data_blob_talloc(session_info, user_info_dc->user_session_key.data, user_info_dc->user_session_key.length);
if (!session_info->session_key.data && session_info->session_key.length) {
- NT_STATUS_HAVE_NO_MEMORY_AND_FREE(session_info->session_key.data, tmp_ctx);
+ if (session_info->session_key.data == NULL) {
+ TALLOC_FREE(tmp_ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
}
anonymous_sid = dom_sid_parse_talloc(tmp_ctx, SID_NT_ANONYMOUS);
- NT_STATUS_HAVE_NO_MEMORY_AND_FREE(anonymous_sid, tmp_ctx);
+ if (anonymous_sid == NULL) {
+ TALLOC_FREE(tmp_ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
system_sid = dom_sid_parse_talloc(tmp_ctx, SID_NT_SYSTEM);
- NT_STATUS_HAVE_NO_MEMORY_AND_FREE(system_sid, tmp_ctx);
+ if (system_sid == NULL) {
+ TALLOC_FREE(tmp_ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
sids = talloc_array(tmp_ctx, struct dom_sid, user_info_dc->num_sids);
- NT_STATUS_HAVE_NO_MEMORY_AND_FREE(sids, tmp_ctx);
+ if (sids == NULL) {
+ TALLOC_FREE(tmp_ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
if (!sids) {
talloc_free(tmp_ctx);
return NT_STATUS_NO_MEMORY;
@@ -151,11 +172,17 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
sid_string = dom_sid_string(tmp_ctx,
&sids[i]);
- NT_STATUS_HAVE_NO_MEMORY_AND_FREE(sid_string, user_info_dc);
+ if (sid_string == NULL) {
+ TALLOC_FREE(user_info_dc);
+ return NT_STATUS_NO_MEMORY;
+ }
sid_dn = talloc_asprintf(tmp_ctx, "<SID=%s>", sid_string);
talloc_free(sid_string);
- NT_STATUS_HAVE_NO_MEMORY_AND_FREE(sid_dn, user_info_dc);
+ if (sid_dn == NULL) {
+ TALLOC_FREE(user_info_dc);
+ return NT_STATUS_NO_MEMORY;
+ }
sid_blob = data_blob_string_const(sid_dn);
/* This function takes in memberOf values and expands
generated by cgit (git 2.34.1) at 2026-01-06 13:49:33 +0000