diff options
author | Gerald Carter <jerry@samba.org> | 2007-05-14 14:23:51 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:22:02 -0500 |
commit | f65214be68c1a59d9598bfb9f3b19e71cc3fa07b (patch) | |
tree | 3b6d5bb88d2724a53b94fbf96d5b279e346c4536 /source/rpc_parse/parse_sec.c | |
parent | 34f77af02e2073ccaabe1583011abeeabbbb24e1 (diff) | |
download | samba-f65214be68c1a59d9598bfb9f3b19e71cc3fa07b.tar.gz samba-f65214be68c1a59d9598bfb9f3b19e71cc3fa07b.tar.xz samba-f65214be68c1a59d9598bfb9f3b19e71cc3fa07b.zip |
r22852: merge fixes for CVE-2007-2446 and CVE-2007-2447 to all branches
Diffstat (limited to 'source/rpc_parse/parse_sec.c')
-rw-r--r-- | source/rpc_parse/parse_sec.c | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/source/rpc_parse/parse_sec.c b/source/rpc_parse/parse_sec.c index bc330622648..72accad1b6c 100644 --- a/source/rpc_parse/parse_sec.c +++ b/source/rpc_parse/parse_sec.c @@ -183,13 +183,12 @@ BOOL sec_io_acl(const char *desc, SEC_ACL **ppsa, prs_struct *ps, int depth) return False; if (UNMARSHALLING(ps)) { - /* - * Even if the num_aces is zero, allocate memory as there's a difference - * between a non-present DACL (allow all access) and a DACL with no ACE's - * (allow no access). - */ - if((psa->aces = PRS_ALLOC_MEM(ps, SEC_ACE, psa->num_aces+1)) == NULL) - return False; + if (psa->num_aces) { + if((psa->aces = PRS_ALLOC_MEM(ps, SEC_ACE, psa->num_aces)) == NULL) + return False; + } else { + psa->aces = NULL; + } } for (i = 0; i < psa->num_aces; i++) { |