diff options
| author | Volker Lendecke <vlendec@samba.org> | 2006-03-14 08:27:44 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:15:27 -0500 |
| commit | 075e784491e6f2b491bd063db08ff1267f9cabbb (patch) | |
| tree | 57b7db1c073625d086082a6942b53551ab1541e7 /source/libmsrpc | |
| parent | 412dc6f5dbc796126b94f3809fe660afac5d3c2a (diff) | |
| download | samba-075e784491e6f2b491bd063db08ff1267f9cabbb.tar.gz samba-075e784491e6f2b491bd063db08ff1267f9cabbb.tar.xz samba-075e784491e6f2b491bd063db08ff1267f9cabbb.zip | |
r14367: Not that I fully understand what's going on here, but the code as it was here
was clearly buggy as Coverity showed with bug id #36.
According to samba4 idl the sec_desc_buf is [in,out,ref], so we _have_ to ship
it in the request.
Volker
Diffstat (limited to 'source/libmsrpc')
| -rw-r--r-- | source/libmsrpc/cac_winreg.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/source/libmsrpc/cac_winreg.c b/source/libmsrpc/cac_winreg.c index 8c9f06a59bf..4f6ae408083 100644 --- a/source/libmsrpc/cac_winreg.c +++ b/source/libmsrpc/cac_winreg.c @@ -823,7 +823,7 @@ int cac_RegGetKeySecurity(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegG WERROR err; uint32 buf_size; - SEC_DESC_BUF *buf = NULL; + SEC_DESC_BUF buf; if(!hnd) return CAC_FAILURE; @@ -844,7 +844,7 @@ int cac_RegGetKeySecurity(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegG return CAC_FAILURE; } - err = rpccli_reg_get_key_sec(pipe_hnd, mem_ctx, op->in.key, op->in.info_type, &buf_size, buf); + err = rpccli_reg_get_key_sec(pipe_hnd, mem_ctx, op->in.key, op->in.info_type, &buf_size, &buf); hnd->status = werror_to_ntstatus(err); @@ -852,8 +852,12 @@ int cac_RegGetKeySecurity(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegG return CAC_FAILURE; } - op->out.size = buf->len; - op->out.descriptor = buf->sec; + op->out.size = buf.len; + op->out.descriptor = dup_sec_desc(mem_ctx, buf.sec); + + if (op->out.descriptor == NULL) { + return CAC_FAILURE; + } return CAC_SUCCESS; } |