From: Stefan Metzmacher Date: Tue, 15 Sep 2020 11:19:14 +0000 (+0200) Subject: CVE-2020-25717 wb_sids2xids: move more checks to wb_sids2xids_next_sids2unix() X-Git-Tag: samba-4.13.14~248 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ca5cf8d35b9756c9d65831718c5032533612c94a;p=thirdparty%2Fsamba.git CVE-2020-25717 wb_sids2xids: move more checks to wb_sids2xids_next_sids2unix() For the first run this is a no-op, but it simplified the caller. We'll call wb_sids2xids_next_sids2unix() in a few more places in future and it's easier to have this all within wb_sids2xids_next_sids2unix(). BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539 Signed-off-by: Stefan Metzmacher Reviewed-by: Gary Lockyer BUG: https://bugzilla.samba.org/show_bug.cgi?id=14556 (cherry picked from commit 231c8d04b19a1c17937f988d142ca5c0f889d4e0) --- diff --git a/source3/winbindd/wb_sids2xids.c b/source3/winbindd/wb_sids2xids.c index 2a30eee2c7b..b934425f4fd 100644 --- a/source3/winbindd/wb_sids2xids.c +++ b/source3/winbindd/wb_sids2xids.c @@ -309,6 +309,13 @@ static void wb_sids2xids_next_sids2unix(struct tevent_req *req) struct tevent_req *subreq = NULL; struct dcerpc_binding_handle *child_binding_handle = NULL; + state->tried_dclookup = false; + + if (state->dom_index == state->idmap_doms.count) { + tevent_req_done(req); + return; + } + state->dom_ids = wb_sids2xids_extract_for_domain_index( state, &state->ids, state->dom_index); if (tevent_req_nomem(state->dom_ids, req)) { @@ -413,12 +420,6 @@ static void wb_sids2xids_done(struct tevent_req *subreq) TALLOC_FREE(state->dom_ids); state->dom_index += 1; - state->tried_dclookup = false; - - if (state->dom_index == state->idmap_doms.count) { - tevent_req_done(req); - return; - } wb_sids2xids_next_sids2unix(req); }