diff options
| author | Gerald Carter <jerry@samba.org> | 2006-11-13 18:44:26 +0000 |
|---|---|---|
| committer | Gerald Carter <jerry@samba.org> | 2006-11-13 18:44:26 +0000 |
| commit | ccdeb35f8362feeea37f1def36c602e9a98f08c0 (patch) | |
| tree | c64d924fe4c5d191a531b1cdf58a3bb337376450 | |
| parent | 76cc7dedb3a5434232a29d3d6e33bf84184e2d76 (diff) | |
| download | samba-ccdeb35f8362feeea37f1def36c602e9a98f08c0.tar.gz samba-ccdeb35f8362feeea37f1def36c602e9a98f08c0.tar.xz samba-ccdeb35f8362feeea37f1def36c602e9a98f08c0.zip | |
r19693: merge from SAMBA_3_0_23 tree
| -rw-r--r-- | source/lib/timegm.c | 10 | ||||
| -rw-r--r-- | source/libads/ldap.c | 48 | ||||
| -rw-r--r-- | source/libsmb/smb_signing.c | 8 | ||||
| -rw-r--r-- | source/smbd/posix_acls.c | 4 |
4 files changed, 57 insertions, 13 deletions
diff --git a/source/lib/timegm.c b/source/lib/timegm.c index 0e42a863d3f..dcc710b1ece 100644 --- a/source/lib/timegm.c +++ b/source/lib/timegm.c @@ -53,6 +53,16 @@ time_t timegm(struct tm *tm) time_t res = 0; unsigned i; + if (tm->tm_mon > 12 || + tm->tm_mon < 0 || + tm->tm_mday > 31 || + tm->tm_min > 60 || + tm->tm_sec > 60 || + tm->tm_hour > 24) { + /* invalid tm structure */ + return 0; + } + for (i = 70; i < tm->tm_year; ++i) res += is_leap(i) ? 366 : 365; diff --git a/source/libads/ldap.c b/source/libads/ldap.c index fb7c6730a07..707569b23e5 100644 --- a/source/libads/ldap.c +++ b/source/libads/ldap.c @@ -1200,8 +1200,8 @@ char *ads_ou_string(ADS_STRUCT *ads, const char *org_unit) char *ads_default_ou_string(ADS_STRUCT *ads, const char *wknguid) { ADS_STATUS status; - void *res; - char *base, *wkn_dn, *ret, **wkn_dn_exp, **bind_dn_exp; + void *res = NULL; + char *base, *wkn_dn, *ret = NULL, **wkn_dn_exp, **bind_dn_exp; const char *attrs[] = {"distinguishedName", NULL}; int new_ln, wkn_ln, bind_ln, i; @@ -1217,20 +1217,28 @@ char *ads_default_ou_string(ADS_STRUCT *ads, const char *wknguid) status = ads_search_dn(ads, &res, base, attrs); if (!ADS_ERR_OK(status)) { DEBUG(1,("Failed while searching for: %s\n", base)); - SAFE_FREE(base); - return NULL; + goto out; } - SAFE_FREE(base); if (ads_count_replies(ads, res) != 1) { - ads_msgfree(ads, res); - return NULL; + goto out; } /* substitute the bind-path from the well-known-guid-search result */ wkn_dn = ads_get_dn(ads, res); + if (!wkn_dn) { + goto out; + } + wkn_dn_exp = ldap_explode_dn(wkn_dn, 0); + if (!wkn_dn_exp) { + goto out; + } + bind_dn_exp = ldap_explode_dn(ads->config.bind_path, 0); + if (!bind_dn_exp) { + goto out; + } for (wkn_ln=0; wkn_dn_exp[wkn_ln]; wkn_ln++) ; @@ -1240,18 +1248,36 @@ char *ads_default_ou_string(ADS_STRUCT *ads, const char *wknguid) new_ln = wkn_ln - bind_ln; ret = SMB_STRDUP(wkn_dn_exp[0]); + if (!ret) { + goto out; + } for (i=1; i < new_ln; i++) { - char *s; - asprintf(&s, "%s,%s", ret, wkn_dn_exp[i]); + char *s = NULL; + + if (asprintf(&s, "%s,%s", ret, wkn_dn_exp[i]) == -1) { + SAFE_FREE(ret); + goto out; + } + + SAFE_FREE(ret); ret = SMB_STRDUP(s); free(s); + if (!ret) { + goto out; + } } + out: + SAFE_FREE(base); ads_msgfree(ads, res); ads_memfree(ads, wkn_dn); - ldap_value_free(wkn_dn_exp); - ldap_value_free(bind_dn_exp); + if (wkn_dn_exp) { + ldap_value_free(wkn_dn_exp); + } + if (bind_dn_exp) { + ldap_value_free(bind_dn_exp); + } return ret; } diff --git a/source/libsmb/smb_signing.c b/source/libsmb/smb_signing.c index b638800c0f8..e59254b16f3 100644 --- a/source/libsmb/smb_signing.c +++ b/source/libsmb/smb_signing.c @@ -613,6 +613,10 @@ BOOL client_set_trans_sign_state_on(struct cli_state *cli, uint16 mid) return True; } + if (!data) { + return False; + } + if (!set_sequence_can_delete_flag(&data->outstanding_packet_list, mid, False)) { return False; } @@ -634,6 +638,10 @@ BOOL client_set_trans_sign_state_off(struct cli_state *cli, uint16 mid) return True; } + if (!data) { + return False; + } + if (!set_sequence_can_delete_flag(&data->outstanding_packet_list, mid, True)) { return False; } diff --git a/source/smbd/posix_acls.c b/source/smbd/posix_acls.c index e3614a32d5d..486149f4348 100644 --- a/source/smbd/posix_acls.c +++ b/source/smbd/posix_acls.c @@ -2257,8 +2257,8 @@ static BOOL current_user_in_group(gid_t gid) static BOOL acl_group_override(connection_struct *conn, gid_t prim_gid) { if ( (errno == EACCES || errno == EPERM) - && (lp_acl_group_control(SNUM(conn) || lp_dos_filemode(SNUM(conn)))) - && current_user_in_group(prim_gid) ) + && (lp_acl_group_control(SNUM(conn)) || lp_dos_filemode(SNUM(conn))) + && current_user_in_group(prim_gid)) { return True; } |