summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2011-11-03 14:30:11 -0700
committerJeremy Allison <jra@samba.org>2011-11-04 00:09:45 +0100
commit767c54d8dd9596718579699398392ae234b40aa2 (patch)
tree23c2cc841c52e673b24c614a3d9b18c19884d7ef
parent1dbffa70ae42dc254abbea0b7a958044a621996d (diff)
downloadsamba-767c54d8dd9596718579699398392ae234b40aa2.tar.gz
samba-767c54d8dd9596718579699398392ae234b40aa2.tar.bz2
samba-767c54d8dd9596718579699398392ae234b40aa2.zip
Fix bug #8562 - talloc: double free error.
Ensure we don't access an undefined pointer. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Nov 4 00:09:46 CET 2011 on sn-devel-104
-rw-r--r--source3/rpc_server/netlogon/srv_netlog_nt.c11
1 files changed, 9 insertions, 2 deletions
diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c
index b817545937..26b92c8618 100644
--- a/source3/rpc_server/netlogon/srv_netlog_nt.c
+++ b/source3/rpc_server/netlogon/srv_netlog_nt.c
@@ -1287,7 +1287,7 @@ NTSTATUS _netr_ServerPasswordSet2(struct pipes_struct *p,
struct netr_ServerPasswordSet2 *r)
{
NTSTATUS status;
- struct netlogon_creds_CredentialState *creds;
+ struct netlogon_creds_CredentialState *creds = NULL;
DATA_BLOB plaintext;
struct samr_CryptPassword password_buf;
struct samr_Password nt_hash;
@@ -1301,9 +1301,14 @@ NTSTATUS _netr_ServerPasswordSet2(struct pipes_struct *p,
unbecome_root();
if (!NT_STATUS_IS_OK(status)) {
+ const char *computer_name = "<unknown>";
+
+ if (creds && creds->computer_name) {
+ computer_name = creds->computer_name;
+ }
DEBUG(2,("_netr_ServerPasswordSet2: netlogon_creds_server_step "
"failed. Rejecting auth request from client %s machine account %s\n",
- r->in.computer_name, creds->computer_name));
+ r->in.computer_name, computer_name));
TALLOC_FREE(creds);
return status;
}
@@ -1313,6 +1318,7 @@ NTSTATUS _netr_ServerPasswordSet2(struct pipes_struct *p,
netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
if (!extract_pw_from_buffer(p->mem_ctx, password_buf.data, &plaintext)) {
+ TALLOC_FREE(creds);
return NT_STATUS_WRONG_PASSWORD;
}
@@ -1323,6 +1329,7 @@ NTSTATUS _netr_ServerPasswordSet2(struct pipes_struct *p,
p->msg_ctx,
creds->account_name,
&nt_hash);
+ TALLOC_FREE(creds);
return status;
}