cmdline:burn: always return true if burnt

Before we have been trying to cram three cases into a boolean return
value:

 * cmdline had secrets, we burnt them       ->  true
 * cmdline had no secrets, all good         ->  false
 * cmdline has NULL string, WTF! emergency! ->  false

This return value is only used by Python which wants to know whether to
go to the trouble of replacing the command line. If samba_cmdline_burn()
returns false, no action is taken.

If samba_cmdline_burn() burns a password and then hits a NULL, it would
be better not to do nothing. It would be better to crash. And that is
what Python will end up doing, by some talloc returning NULL triggering
a MemoryError.

What about the case like {"--foo", NULL, "-Ua%b"} where the secret comes
after the NULL? That will still be ignored by Python, as it is by all C
tools, but we are hoping that can't happen anyway.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15674

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
(cherry picked from commit d3d8dffc0212662456a6251baee5afd432160fa2)

diff --git a/lib/cmdline/cmdline.c b/lib/cmdline/cmdline.c
index 48801be2606c0336bec4cc2da231f578d3132cdc..fa3bfefecedb5164c684736afbcebaebbd96b082 100644 (file)
--- a/lib/cmdline/cmdline.c
+++ b/lib/cmdline/cmdline.c
@@ -147,7 +147,7 @@ bool samba_cmdline_burn(int argc, char *argv[])
        for (i = 0; i < argc; i++) {
                p = argv[i];
                if (p == NULL) {
-                       return false;
+                       return burnt;
                }
 
                found = false;
@@ -203,7 +203,7 @@ bool samba_cmdline_burn(int argc, char *argv[])
                                }
                                p = argv[i];
                                if (p == NULL) {
-                                       return false;
+                                       return burnt;
                                }
                                ulen = 0;
                        }