From: Daniil Sarafannikov <sarafannikovda@sgu.ru>
Date: Thu, 11 Jun 2026 15:09:57 +0000 (+0400)
Subject: s3:rpc_server: Add check for empty account
X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;ds=inline;p=thirdparty%2Fsamba.git

s3:rpc_server: Add check for empty account

The code below uses account[strlen(account)-1] but there is
no clear guarantees that account can not be empty string.

Add the check for non-emptiness of account and return error
code in case it is empty.

Pair-Programmed-With: Sergey Zhidkih <rx1513@altlinux.org>
Signed-off-by: Daniil Sarafannikov <sarafannikovda@sgu.ru>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>

Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Sat Jun 13 19:22:29 UTC 2026 on atb-devel-224
---

diff --git a/source3/rpc_server/samr/srv_samr_nt.c b/source3/rpc_server/samr/srv_samr_nt.c
index 885ff8e2c60..d49b29cedd1 100644
--- a/source3/rpc_server/samr/srv_samr_nt.c
+++ b/source3/rpc_server/samr/srv_samr_nt.c
@@ -3897,6 +3897,9 @@ NTSTATUS _samr_CreateUser2(struct pipes_struct *p,
 	if (account == NULL) {
 		return NT_STATUS_NO_MEMORY;
 	}
+	if (account[0] == '\0') {
+		return NT_STATUS_INVALID_ACCOUNT_NAME;
+	}
 
 	nt_status = can_create(p->mem_ctx, account);
 	if (!NT_STATUS_IS_OK(nt_status)) {