autorid: when storing a new range, always check it does not exist.

Also check for existence when the range is >= the HWM,
typically the "acquire" case where we bump the HWM.
In case of external modification, we would previously
simply overwrite an an existing range mapping. Now we
check and throw INTERNAL_DB_CORRUPTION in this case.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

1 files changed, 22 insertions, 15 deletions

diff --git a/source3/winbindd/idmap_autorid_tdb.c b/source3/winbindd/idmap_autorid_tdb.c
index e01c31bc7c8..4f7861de651 100644
--- a/source3/winbindd/idmap_autorid_tdb.c
+++ b/source3/winbindd/idmap_autorid_tdb.c
@@ -175,26 +175,33 @@ static NTSTATUS idmap_autorid_addrange_action(struct db_context *db,
 		goto error;
 	}
 
-	if (requested_rangenum < hwm) {
-		/*
-		 * Set a specified range below the HWM:
-		 * We need to check that it is not yet taken.
-		 */
+	/*
+	 * Check that it is not yet taken.
+	 * If the range is requested and < HWM, we need
+	 * to check anyways, and otherwise, we also better
+	 * check in order to prevent further corruption
+	 * in case the db has been externally modified.
+	 */
 
-		numstr = talloc_asprintf(mem_ctx, "%u", requested_rangenum);
-		if (!numstr) {
-			ret = NT_STATUS_NO_MEMORY;
-			goto error;
-		}
+	numstr = talloc_asprintf(mem_ctx, "%u", requested_rangenum);
+	if (!numstr) {
+		ret = NT_STATUS_NO_MEMORY;
+		goto error;
+	}
 
-		if (dbwrap_exists(db, string_term_tdb_data(numstr))) {
-			DEBUG(1, ("Requested range already in use.\n"));
+	if (dbwrap_exists(db, string_term_tdb_data(numstr))) {
+		DEBUG(1, ("Requested range '%s' is already in use.\n", numstr));
+
+		if (requested_rangenum < hwm) {
 			ret = NT_STATUS_INVALID_PARAMETER;
-			goto error;
+		} else {
+			ret = NT_STATUS_INTERNAL_DB_CORRUPTION;
 		}
 
-		TALLOC_FREE(numstr);
-	} else {
+		goto error;
+	}
+
+	if (requested_rangenum >= hwm) {
 		/*
 		 * requested or automatic range >= HWM:
 		 * increment the HWM.