From 60cf4cb5a630506747431ecbf00d890509baf2f3 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 1 Nov 2012 09:51:28 +1100 Subject: [PATCH] vfs_acl_common: In add_directory_inheritable_components allocate on psd as parent When we add a new DACL to the security descriptor, we need to use the SD as the memory context, so we can talloc_move() it as a tree to a new parent. Andrew Bartlett Signed-off-by: Andrew Bartlett Reviewed by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Fri Nov 2 22:16:14 CET 2012 on sn-devel-104 --- source3/modules/vfs_acl_common.c | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c index ef2dda1b455..59ced2922f3 100644 --- a/source3/modules/vfs_acl_common.c +++ b/source3/modules/vfs_acl_common.c @@ -195,9 +195,21 @@ static NTSTATUS add_directory_inheritable_components(vfs_handle_struct *handle, mode_t dir_mode; mode_t file_mode; mode_t mode; - struct security_ace *new_ace_list = talloc_zero_array(talloc_tos(), - struct security_ace, - num_aces + 3); + struct security_ace *new_ace_list; + + if (psd->dacl) { + new_ace_list = talloc_zero_array(psd->dacl, + struct security_ace, + num_aces + 3); + } else { + /* + * make_sec_acl() at the bottom of this function + * dupliates new_ace_list + */ + new_ace_list = talloc_zero_array(talloc_tos(), + struct security_ace, + num_aces + 3); + } if (new_ace_list == NULL) { return NT_STATUS_NO_MEMORY; @@ -256,7 +268,7 @@ static NTSTATUS add_directory_inheritable_components(vfs_handle_struct *handle, psd->dacl->aces = new_ace_list; psd->dacl->num_aces += 3; } else { - psd->dacl = make_sec_acl(talloc_tos(), + psd->dacl = make_sec_acl(psd, NT4_ACL_REVISION, 3, new_ace_list); -- 2.11.4.GIT