]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
samdb: Fix an uninitialized variable read
authorVolker Lendecke <vl@samba.org>
Fri, 23 Jul 2021 06:47:47 +0000 (08:47 +0200)
committerJeremy Allison <jra@samba.org>
Fri, 6 Aug 2021 17:22:30 +0000 (17:22 +0000)
When the "(status == LDB_SUCCESS && msg != NULL)" condition in this
routine is not evaluating to true, "new_rid" is read uninitialized,
comparing it against ~0. Initialize new_rid and compare it against
UINT32_MAX instead of ~0.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
source4/dsdb/samdb/ldb_modules/group_audit.c

index 5a01ac8a18575f279db66eb8b8a690a2d4eb6f2c..a6ca25eae4cd21cbd6a733d96ac79714207cfdff 100644 (file)
@@ -911,7 +911,7 @@ static void log_user_primary_group_change(
        const int status)
 {
        TALLOC_CTX *ctx = talloc_new(NULL);
-       uint32_t new_rid;
+       uint32_t new_rid = UINT32_MAX;
        struct dom_sid *account_sid = NULL;
        int ret;
        const struct ldb_message *msg = dsdb_audit_get_message(acc->request);
@@ -945,7 +945,7 @@ static void log_user_primary_group_change(
         * Otherwise only log if the primary group has actually changed.
         */
        if (account_sid != NULL &&
-           new_rid != ~0 &&
+           new_rid != UINT32_MAX &&
            acc->primary_group != new_rid) {
                const char* group = get_primary_group_dn(
                        ctx,