From a01f680e43a4aade9fde9bf83842647a3f9f708c Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 21 Apr 2021 21:51:44 +0200 Subject: [PATCH] passdb: Add error checks in samu_set_unix_internal() Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider --- source3/passdb/passdb.c | 78 ++++++++++++++++++++++++++++++++++------- 1 file changed, 65 insertions(+), 13 deletions(-) diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 4ce643a1833..f4cbbe6c06e 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -137,6 +137,7 @@ static NTSTATUS samu_set_unix_internal(struct pdb_methods *methods, const char *domain = lp_netbios_name(); char *fullname; uint32_t urid; + bool ok; if ( !pwd ) { return NT_STATUS_NO_SUCH_USER; @@ -144,7 +145,10 @@ static NTSTATUS samu_set_unix_internal(struct pdb_methods *methods, /* Basic properties based upon the Unix account information */ - pdb_set_username(user, pwd->pw_name, PDB_SET); + ok = pdb_set_username(user, pwd->pw_name, PDB_SET); + if (!ok) { + return NT_STATUS_NO_MEMORY; + } fullname = NULL; @@ -157,16 +161,26 @@ static NTSTATUS samu_set_unix_internal(struct pdb_methods *methods, fullname = talloc_strndup( talloc_tos(), pwd->pw_gecos, strchr(pwd->pw_gecos, ',') - pwd->pw_gecos); + if (fullname == NULL) { + return NT_STATUS_NO_MEMORY; + } } if (fullname != NULL) { - pdb_set_fullname(user, fullname, PDB_SET); + ok = pdb_set_fullname(user, fullname, PDB_SET); } else { - pdb_set_fullname(user, pwd->pw_gecos, PDB_SET); + ok = pdb_set_fullname(user, pwd->pw_gecos, PDB_SET); } TALLOC_FREE(fullname); - pdb_set_domain (user, get_global_sam_name(), PDB_DEFAULT); + if (!ok) { + return NT_STATUS_NO_MEMORY; + } + + ok = pdb_set_domain(user, get_global_sam_name(), PDB_DEFAULT); + if (!ok) { + return NT_STATUS_NO_MEMORY; + } #if 0 /* This can lead to a primary group of S-1-22-2-XX which will be rejected by other parts of the Samba code. @@ -180,6 +194,9 @@ static NTSTATUS samu_set_unix_internal(struct pdb_methods *methods, /* save the password structure for later use */ user->unix_pw = tcopy_passwd( user, pwd ); + if (user->unix_pw == NULL) { + return NT_STATUS_NO_MEMORY; + } /* Special case for the guest account which must have a RID of 501 */ @@ -212,18 +229,53 @@ static NTSTATUS samu_set_unix_internal(struct pdb_methods *methods, /* set some basic attributes */ - pdb_set_profile_path(user, talloc_sub_specified(user, - lp_logon_path(), pwd->pw_name, NULL, domain, pwd->pw_uid, pwd->pw_gid), - PDB_DEFAULT); - pdb_set_homedir(user, talloc_sub_specified(user, - lp_logon_home(), pwd->pw_name, NULL, domain, pwd->pw_uid, pwd->pw_gid), + ok = pdb_set_profile_path( + user, + talloc_sub_specified( + user, + lp_logon_path(), + pwd->pw_name, + NULL, + domain, + pwd->pw_uid, + pwd->pw_gid), PDB_DEFAULT); - pdb_set_dir_drive(user, talloc_sub_specified(user, - lp_logon_drive(), pwd->pw_name, NULL, domain, pwd->pw_uid, pwd->pw_gid), + ok &= pdb_set_homedir( + user, + talloc_sub_specified( + user, + lp_logon_home(), + pwd->pw_name, + NULL, + domain, + pwd->pw_uid, + pwd->pw_gid), PDB_DEFAULT); - pdb_set_logon_script(user, talloc_sub_specified(user, - lp_logon_script(), pwd->pw_name, NULL, domain, pwd->pw_uid, pwd->pw_gid), + ok &= pdb_set_dir_drive( + user, + talloc_sub_specified( + user, + lp_logon_drive(), + pwd->pw_name, + NULL, + domain, + pwd->pw_uid, + pwd->pw_gid), PDB_DEFAULT); + ok &= pdb_set_logon_script( + user, + talloc_sub_specified( + user, + lp_logon_script(), + pwd->pw_name, + NULL, + domain, + pwd->pw_uid, + pwd->pw_gid), + PDB_DEFAULT); + if (!ok) { + return NT_STATUS_NO_MEMORY; + } } /* Now deal with the user SID. If we have a backend that can generate -- 2.47.3