CVE-2020-25717 wb_sids2xids: inline wb_sids2xids_extract_for_domain_index() into wb_sids2xids_next_sids2unix()
Instead of re-creating the dom_ids element,
we just use a pre-allocated map_ids_in array.
This is a bit tricky as we need to use map_ids_out as a copy of
map_ids_in, because the _ids argument of dcerpc_wbint_Sids2UnixIDs_send()
in [in,out], which means that _ids->ids is changed between
dcerpc_wbint_Sids2UnixIDs_send() and dcerpc_wbint_Sids2UnixIDs_recv()!
If the domain doesn't need any mappings, we'll move to the next domain
early, for now this can't happend but it will in future.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14556
(cherry picked from commit
f6bb0ed21f82f2cf1f238f9f00cd049ecf8673af)
projects / thirdparty / samba.git / commit
