From 2685a4ed6681b1a20fb26087867737ecbf8fad73 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 16 Jan 2013 11:45:46 +0100
Subject: [PATCH] dsdb-acl: attr is not optional to
 acl_check_access_on_attribute()

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---
 source4/dsdb/samdb/ldb_modules/acl_util.c | 49 +++++++++++++++----------------
 1 file changed, 24 insertions(+), 25 deletions(-)

diff --git a/source4/dsdb/samdb/ldb_modules/acl_util.c b/source4/dsdb/samdb/ldb_modules/acl_util.c
index fc6a55a2de1..13d6098a213 100644
--- a/source4/dsdb/samdb/ldb_modules/acl_util.c
+++ b/source4/dsdb/samdb/ldb_modules/acl_util.c
@@ -105,34 +105,33 @@ int acl_check_access_on_attribute(struct ldb_module *module,
 	struct object_tree *new_node = NULL;
 	TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
 	struct security_token *token = acl_user_token(module);
-	if (attr) {
-		if (!GUID_all_zero(&attr->attributeSecurityGUID)) {
-			if (!insert_in_object_tree(tmp_ctx,
-						   &attr->attributeSecurityGUID,
-						   access_mask, &root,
-						   &new_node)) {
-				DEBUG(10, ("acl_search: cannot add to object tree securityGUID\n"));
-				goto fail;
-			}
-
-			if (!insert_in_object_tree(tmp_ctx,
-						   &attr->schemaIDGUID,
-						   access_mask, &new_node,
-						   &new_node)) {
-				DEBUG(10, ("acl_search: cannot add to object tree attributeGUID\n"));
-				goto fail;
-			}
+
+	if (!GUID_all_zero(&attr->attributeSecurityGUID)) {
+		if (!insert_in_object_tree(tmp_ctx,
+					   &attr->attributeSecurityGUID,
+					   access_mask, &root,
+					   &new_node)) {
+			DEBUG(10, ("acl_search: cannot add to object tree securityGUID\n"));
+			goto fail;
+		}
+
+		if (!insert_in_object_tree(tmp_ctx,
+					   &attr->schemaIDGUID,
+					   access_mask, &new_node,
+					   &new_node)) {
+			DEBUG(10, ("acl_search: cannot add to object tree attributeGUID\n"));
+			goto fail;
 		}
-		else {
-			if (!insert_in_object_tree(tmp_ctx,
-						   &attr->schemaIDGUID,
-						   access_mask, &root,
-						   &new_node)) {
-				DEBUG(10, ("acl_search: cannot add to object tree attributeGUID\n"));
-				goto fail;
-			}
+	} else {
+		if (!insert_in_object_tree(tmp_ctx,
+					   &attr->schemaIDGUID,
+					   access_mask, &root,
+					   &new_node)) {
+			DEBUG(10, ("acl_search: cannot add to object tree attributeGUID\n"));
+			goto fail;
 		}
 	}
+
 	status = sec_access_check_ds(sd, token,
 				     access_mask,
 				     &access_granted,
-- 
2.11.4.GIT