From c53646bccd87ef3b3133d3f7526ef85591909528 Mon Sep 17 00:00:00 2001
From: David Disseldorp <ddiss@samba.org>
Date: Mon, 25 Jun 2018 02:08:25 +0200
Subject: [PATCH] s3/service: convert lp_force_group() to const

set_conn_force_user_group() and change_to_user_internal() leak onto
the callers' talloc stackframe. Drop the unnecessary heap allocations.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
---
 docs-xml/smbdotconf/security/forcegroup.xml |  1 +
 source3/smbd/service.c                      | 19 +++++++------------
 source3/smbd/uid.c                          |  3 ++-
 3 files changed, 10 insertions(+), 13 deletions(-)

diff --git a/docs-xml/smbdotconf/security/forcegroup.xml b/docs-xml/smbdotconf/security/forcegroup.xml
index d101f1c1b86..b6e729be927 100644
--- a/docs-xml/smbdotconf/security/forcegroup.xml
+++ b/docs-xml/smbdotconf/security/forcegroup.xml
@@ -1,6 +1,7 @@
 <samba:parameter name="force group"
                  context="S"
                  type="string"
+                 constant="1"
                  xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
 <synonym>group</synonym>
 <description>
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index 2e4a1136254..df72172d9b0 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -243,23 +243,18 @@ static NTSTATUS find_forced_group(bool force_user,
 	TALLOC_CTX *frame = talloc_stackframe();
 	struct dom_sid group_sid;
 	enum lsa_SidType type;
+	const char *force_group;
 	char *groupname;
 	bool user_must_be_member = False;
 	gid_t gid;
 
-	groupname = lp_force_group(talloc_tos(), snum);
-	if (groupname == NULL) {
-		DEBUG(1, ("talloc_strdup failed\n"));
-		result = NT_STATUS_NO_MEMORY;
-		goto done;
-	}
-
-	if (groupname[0] == '+') {
-		user_must_be_member = True;
-		groupname += 1;
+	force_group = lp_force_group(snum);
+	if (force_group[0] == '+') {
+		user_must_be_member = true;
+		force_group += 1;
 	}
 
-	groupname = talloc_string_sub(talloc_tos(), groupname,
+	groupname = talloc_string_sub(talloc_tos(), force_group,
 				      "%S", lp_const_servicename(snum));
 	if (groupname == NULL) {
 		DEBUG(1, ("talloc_string_sub failed\n"));
@@ -427,7 +422,7 @@ NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum)
 	 * any groupid stored for the connecting user.
 	 */
 
-	if (*lp_force_group(talloc_tos(), snum)) {
+	if (*lp_force_group(snum)) {
 
 		status = find_forced_group(
 			conn->force_user, snum, conn->session_info->unix_info->unix_name,
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index 9d5321cf4cc..b6a754b8cfd 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -335,7 +335,8 @@ static bool change_to_user_internal(connection_struct *conn,
 	 * See if we should force group for this service. If so this overrides
 	 * any group set in the force user code.
 	 */
-	if((group_c = *lp_force_group(talloc_tos(), snum))) {
+	group_c = *lp_force_group(snum);
+	if (group_c != '\0') {
 
 		SMB_ASSERT(conn->force_group_gid != (gid_t)-1);
 
-- 
2.11.4.GIT