Fix for crash when doing name lookup with a quoted string. Part of

lookup_name was expecting to be able to write to the string. Changed
lookup_name to use const.
Jeremy.

5 files changed, 28 insertions, 13 deletions

diff --git a/source/include/dlinklist.h b/source/include/dlinklist.h
index d510aad0285..c35155d9bc7 100644
--- a/source/include/dlinklist.h
+++ b/source/include/dlinklist.h
@@ -37,17 +37,17 @@
 	}\
 }
 
-
-/* remove an element from a list */
+/* remove an element from a list - element doesn't have to be in list. */
 #define DLIST_REMOVE(list, p) \
 { \
 	if ((p) == (list)) { \
 		(list) = (p)->next; \
 		if (list) (list)->prev = NULL; \
 	} else { \
-		(p)->prev->next = (p)->next; \
+		if ((p)->prev) (p)->prev->next = (p)->next; \
 		if ((p)->next) (p)->next->prev = (p)->prev; \
 	} \
+	(p)->next = (p)->prev = NULL; \
 }
 
 /* promote an element to the top of the list */
@@ -57,10 +57,9 @@
           DLIST_ADD(list, p) \
 }
 
-/* demote an element to the top of the list, needs a tmp pointer */
-#define DLIST_DEMOTE(list, p, tmp) \
+/* hook into the end of the list - needs a tmp pointer */
+#define DLIST_ADD_END(list, p, tmp) \
 { \
-		DLIST_REMOVE(list, p) \
 		if (!(list)) { \
 			(list) = (p); \
 			(p)->next = (p)->prev = NULL; \
@@ -71,3 +70,10 @@
 			(p)->prev = (tmp); \
 		} \
 }
+
+/* demote an element to the top of the list, needs a tmp pointer */
+#define DLIST_DEMOTE(list, p, tmp) \
+{ \
+		DLIST_REMOVE(list, p) \
+		DLIST_ADD_END(list, p, tmp) \
+}
diff --git a/source/include/proto.h b/source/include/proto.h
index 7e158c1e03e..c53ad6971a7 100644
--- a/source/include/proto.h
+++ b/source/include/proto.h
@@ -1502,7 +1502,7 @@ void expire_workgroups_and_servers(time_t t);
 
 /*The following definitions come from  nsswitch/wb_client.c  */
 
-BOOL winbind_lookup_name(char *name, DOM_SID *sid, enum SID_NAME_USE *name_type);
+BOOL winbind_lookup_name(const char *name, DOM_SID *sid, enum SID_NAME_USE *name_type);
 BOOL winbind_lookup_sid(DOM_SID *sid, fstring dom_name, fstring name, enum SID_NAME_USE *name_type);
 BOOL winbind_sid_to_uid(uid_t *puid, DOM_SID *sid);
 BOOL winbind_uid_to_sid(DOM_SID *sid, uid_t uid);
@@ -1841,7 +1841,7 @@ uint32 pdb_uid_to_user_rid(uid_t uid);
 uint32 pdb_gid_to_group_rid(gid_t gid);
 BOOL pdb_rid_is_user(uint32 rid);
 BOOL local_lookup_rid(uint32 rid, char *name, enum SID_NAME_USE *psid_name_use);
-BOOL local_lookup_name(char *domain, char *user, DOM_SID *psid, enum SID_NAME_USE *psid_name_use);
+BOOL local_lookup_name(const char *c_domain, const char *c_user, DOM_SID *psid, enum SID_NAME_USE *psid_name_use);
 DOM_SID *local_uid_to_sid(DOM_SID *psid, uid_t uid);
 BOOL local_sid_to_uid(uid_t *puid, DOM_SID *psid, enum SID_NAME_USE *name_type);
 DOM_SID *local_gid_to_sid(DOM_SID *psid, gid_t gid);
@@ -4167,7 +4167,7 @@ BOOL become_authenticated_pipe_user(pipes_struct *p);
 BOOL unbecome_authenticated_pipe_user(pipes_struct *p);
 void become_root(void);
 void unbecome_root(void);
-BOOL lookup_name(char *name, DOM_SID *psid, enum SID_NAME_USE *name_type);
+BOOL lookup_name(const char *name, DOM_SID *psid, enum SID_NAME_USE *name_type);
 BOOL lookup_sid(DOM_SID *sid, fstring dom_name, fstring name, enum SID_NAME_USE *name_type);
 DOM_SID *uid_to_sid(DOM_SID *psid, uid_t uid);
 DOM_SID *gid_to_sid(DOM_SID *psid, gid_t gid);
diff --git a/source/nsswitch/wb_client.c b/source/nsswitch/wb_client.c
index 77c48352a3b..746e5406bc8 100644
--- a/source/nsswitch/wb_client.c
+++ b/source/nsswitch/wb_client.c
@@ -27,7 +27,7 @@
 
 /* Call winbindd to convert a name to a sid */
 
-BOOL winbind_lookup_name(char *name, DOM_SID *sid, enum SID_NAME_USE *name_type)
+BOOL winbind_lookup_name(const char *name, DOM_SID *sid, enum SID_NAME_USE *name_type)
 {
 	struct winbindd_request request;
 	struct winbindd_response response;
diff --git a/source/passdb/passdb.c b/source/passdb/passdb.c
index 2b318eca539..918fdcd0883 100644
--- a/source/passdb/passdb.c
+++ b/source/passdb/passdb.c
@@ -504,11 +504,21 @@ BOOL local_lookup_rid(uint32 rid, char *name, enum SID_NAME_USE *psid_name_use)
  Convert a name into a SID. Used in the lookup name rpc.
  ********************************************************************/
 
-BOOL local_lookup_name(char *domain, char *user, DOM_SID *psid, enum SID_NAME_USE *psid_name_use)
+BOOL local_lookup_name(const char *c_domain, const char *c_user, DOM_SID *psid, enum SID_NAME_USE *psid_name_use)
 {
 	extern DOM_SID global_sid_World_Domain;
 	struct passwd *pass = NULL;
 	DOM_SID local_sid;
+	fstring user;
+	fstring domain;
+
+	/*
+	 * domain and user may be quoted const strings, and map_username and
+	 * friends can modify them. Make a modifiable copy. JRA.
+	 */
+
+	fstrcpy(domain, c_domain);
+	fstrcpy(user, c_user);
 
 	sid_copy(&local_sid, &global_sam_sid);
 
diff --git a/source/smbd/uid.c b/source/smbd/uid.c
index 3d37021fff5..02522a37a2c 100644
--- a/source/smbd/uid.c
+++ b/source/smbd/uid.c
@@ -266,7 +266,7 @@ void unbecome_root(void)
  Tries winbind first - then uses local lookup.
 *****************************************************************/  
 
-BOOL lookup_name(char *name, DOM_SID *psid, enum SID_NAME_USE *name_type)
+BOOL lookup_name(const char *name, DOM_SID *psid, enum SID_NAME_USE *name_type)
 {
 	extern pstring global_myname;
 	extern fstring global_myworkgroup;
@@ -302,7 +302,6 @@ BOOL lookup_name(char *name, DOM_SID *psid, enum SID_NAME_USE *name_type)
 			ret = local_lookup_name(domain, username, psid, 
 						name_type);
 		} else {
-
 			ret = local_lookup_name(global_myname, name, psid, 
 						name_type);
 		}