s3/lib: return error from set_namearray()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

diff --git a/source3/include/proto.h b/source3/include/proto.h
index 48d38a93a7966560d5ae8aa79c1708e0af83588f..966d038cc404029fc14f0acba09aac0c2935fb83 100644 (file)
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -326,7 +326,7 @@ bool token_contains_name(TALLOC_CTX *mem_ctx,
                         const struct security_token *token,
                         const char *name,
                         bool *match);
-void set_namearray(TALLOC_CTX *mem_ctx,
+bool set_namearray(TALLOC_CTX *mem_ctx,
                   const char *namelist,
                   const struct security_token *token,
                   struct name_compare_entry **_name_array);

diff --git a/source3/lib/util_namearray.c b/source3/lib/util_namearray.c
index 0a8b01d246cf921cab4b1768a538d7e381a91729..ca3344e09f14058198549421194714ae9dadc07e 100644 (file)
--- a/source3/lib/util_namearray.c
+++ b/source3/lib/util_namearray.c
@@ -190,7 +190,7 @@ bool token_contains_name(TALLOC_CTX *mem_ctx,
  if possible.
 ********************************************************************/
 
-void set_namearray(TALLOC_CTX *mem_ctx,
+bool set_namearray(TALLOC_CTX *mem_ctx,
                   const char *namelist_in,
                   const struct security_token *token,
                   struct name_compare_entry **_name_array)
@@ -205,13 +205,13 @@ void set_namearray(TALLOC_CTX *mem_ctx,
        *_name_array = NULL;
 
        if ((namelist_in == NULL) || (namelist_in[0] == '\0')) {
-               return;
+               return true;
        }
 
        namelist = path_to_strv(mem_ctx, namelist_in);
        if (namelist == NULL) {
                DBG_ERR("path_to_strv failed\n");
-               return;
+               return false;
        }
 
        num_entries = strv_count(namelist);
@@ -222,7 +222,7 @@ void set_namearray(TALLOC_CTX *mem_ctx,
        if (name_array == NULL) {
                DBG_ERR("talloc failed\n");
                TALLOC_FREE(namelist);
-               return;
+               return false;
        }
 
        namelist = talloc_reparent(mem_ctx, name_array, namelist);
@@ -244,7 +244,7 @@ void set_namearray(TALLOC_CTX *mem_ctx,
                        if (p == NULL) {
                                DBG_ERR("Missing username\n");
                                TALLOC_FREE(namelist);
-                               return;
+                               return false;
                        }
                        username = p;
 
@@ -254,7 +254,7 @@ void set_namearray(TALLOC_CTX *mem_ctx,
                                DBG_ERR("Missing filename after username '%s'\n",
                                        username);
                                TALLOC_FREE(namelist);
-                               return;
+                               return false;
                        }
 
                        ok = token_contains_name(talloc_tos(),
@@ -265,7 +265,8 @@ void set_namearray(TALLOC_CTX *mem_ctx,
                                                 username,
                                                 &match);
                        if (!ok) {
-                               continue;
+                               TALLOC_FREE(namelist);
+                               return false;
                        }
                        if (!match) {
                                continue;
@@ -278,5 +279,5 @@ void set_namearray(TALLOC_CTX *mem_ctx,
        }
 
        *_name_array = name_array;
-       return;
+       return true;
 }

diff --git a/source3/modules/vfs_virusfilter.c b/source3/modules/vfs_virusfilter.c
index dbf069e1bc4297bf27b6d29f781ea502c3a70cce..6d4a6fdb98c1e8f23ae6780b84f29b0b679407a0 100644 (file)
--- a/source3/modules/vfs_virusfilter.c
+++ b/source3/modules/vfs_virusfilter.c
@@ -217,6 +217,7 @@ static int virusfilter_vfs_connect(
        int connect_timeout = 0;
        int io_timeout = 0;
        int ret = -1;
+       bool ok;
 
        config = talloc_zero(handle, struct virusfilter_config);
        if (config == NULL) {
@@ -255,19 +256,27 @@ static int virusfilter_vfs_connect(
        exclude_files = lp_parm_const_string(
                snum, "virusfilter", "exclude files", NULL);
        if (exclude_files != NULL) {
-               set_namearray(config,
-                             exclude_files,
-                             NULL,
-                             &config->exclude_files);
+               ok = set_namearray(config,
+                                  exclude_files,
+                                  NULL,
+                                  &config->exclude_files);
+               if (!ok) {
+                       DBG_ERR("set_namearray failed\n");
+                       return -1;
+               }
        }
 
        infected_files = lp_parm_const_string(
                snum, "virusfilter", "infected files", NULL);
        if (infected_files != NULL) {
-               set_namearray(config,
-                             infected_files,
-                             NULL,
-                             &config->infected_files);
+               ok = set_namearray(config,
+                                  infected_files,
+                                  NULL,
+                                  &config->infected_files);
+               if (!ok) {
+                       DBG_ERR("set_namearray failed\n");
+                       return -1;
+               }
        }
 
        config->cache_entry_limit = lp_parm_int(
@@ -500,8 +509,8 @@ static int virusfilter_vfs_connect(
         * and becoming root over and over.
         */
        if (config->infected_file_action == VIRUSFILTER_ACTION_QUARANTINE) {
-               bool ok = true;
                bool dir_exists;
+               ok = true;
 
                /*
                 * Do SMB_VFS_NEXT_MKDIR(config->quarantine_dir)

diff --git a/source3/smbd/smb2_service.c b/source3/smbd/smb2_service.c
index e8f1a0db26c0749476eb8c8964a21a0d2fd653a0..06c20c167498d20f6d4673d11978eae9e22ec545 100644 (file)
--- a/source3/smbd/smb2_service.c
+++ b/source3/smbd/smb2_service.c
@@ -753,14 +753,22 @@ NTSTATUS make_connection_snum(struct smbXsrv_connection *xconn,
 
        /* Add veto/hide lists */
        if (!IS_IPC(conn) && !IS_PRINT(conn)) {
-               set_namearray(conn,
-                             lp_veto_oplock_files(talloc_tos(), lp_sub, snum),
-                             NULL,
-                             &conn->veto_oplock_list);
-               set_namearray(conn,
-                             lp_aio_write_behind(talloc_tos(), lp_sub, snum),
-                             NULL,
-                             &conn->aio_write_behind_list);
+               ok = set_namearray(conn,
+                                  lp_veto_oplock_files(talloc_tos(), lp_sub, snum),
+                                  NULL,
+                                  &conn->veto_oplock_list);
+               if (!ok) {
+                       status = NT_STATUS_NO_MEMORY;
+                       goto err_root_exit;
+               }
+               ok = set_namearray(conn,
+                                  lp_aio_write_behind(talloc_tos(), lp_sub, snum),
+                                  NULL,
+                                  &conn->aio_write_behind_list);
+               if (!ok) {
+                       status = NT_STATUS_NO_MEMORY;
+                       goto err_root_exit;
+               }
        }
        smb_fname_cpath = synthetic_smb_fname(talloc_tos(),
                                        conn->connectpath,

diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index 747e0a5d3bee28e35f90acd34eeaf5f2475d9c8b..fa5f9bcc2f66781a99252e01abe4023f0df16b4d 100644 (file)
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -284,14 +284,20 @@ static bool check_user_ok(connection_struct *conn,
 
        /* Add veto/hide lists */
        if (!IS_IPC(conn) && !IS_PRINT(conn)) {
-               set_namearray(conn,
-                             lp_veto_files(talloc_tos(), lp_sub, snum),
-                             session_info->security_token,
-                             &ent->veto_list);
-               set_namearray(conn,
-                             lp_hide_files(talloc_tos(), lp_sub, snum),
-                             session_info->security_token,
-                             &ent->hide_list);
+               ok = set_namearray(conn,
+                                  lp_veto_files(talloc_tos(), lp_sub, snum),
+                                  session_info->security_token,
+                                  &ent->veto_list);
+               if (!ok) {
+                       return false;
+               }
+               ok = set_namearray(conn,
+                                  lp_hide_files(talloc_tos(), lp_sub, snum),
+                                  session_info->security_token,
+                                  &ent->hide_list);
+               if (!ok) {
+                       return false;
+               }
        }
 
        free_conn_state_if_unused(conn);

diff --git a/source3/torture/test_matching.c b/source3/torture/test_matching.c
index 715271c2b5637ecc314947d4ec8e928946dabad7..8ee06e858770f694b0ff15cc9c701fe77fe96076 100644 (file)
--- a/source3/torture/test_matching.c
+++ b/source3/torture/test_matching.c
@@ -66,8 +66,8 @@ bool run_str_match_mswild(int dummy)
 
        d_fprintf(stderr, "namelist: %s\n", namelist);
 
-       set_namearray(talloc_tos(), namelist, NULL, &name_entries);
-       SMB_ASSERT(name_entries != NULL);
+       ret = set_namearray(talloc_tos(), namelist, NULL, &name_entries);
+       SMB_ASSERT(ret && name_entries != NULL);
 
        status = samba_path_matching_mswild_create(talloc_tos(),
                                                   true, /* case_sensitive */