summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVolker Lendecke <vlendec@samba.org>2003-07-01 12:40:52 +0000
committerVolker Lendecke <vlendec@samba.org>2003-07-01 12:40:52 +0000
commitb78dd91e68d6273d1fcd3470b1c3c333047fb186 (patch)
tree303c4452f364460e63d86736bf4abfc2e2391a0b
parent2b0662b33a4f104ae9f900a2984ae2f07dcc3c45 (diff)
downloadsamba-b78dd91e68d6273d1fcd3470b1c3c333047fb186.tar.gz
samba-b78dd91e68d6273d1fcd3470b1c3c333047fb186.tar.bz2
samba-b78dd91e68d6273d1fcd3470b1c3c333047fb186.zip
Fix two memory leaks. tdb_search_keys allocates space for the key
strings. Running 'net cache list' or secrets_get_trusted_domains through valgrind gives a *huge* amount of invalid reads of one byte beyond the indicated string length in libc's strncpy. Annoying... Volker (This used to be commit 0f8933ae778064ff58cdc832ce52c843631435bb)
-rw-r--r--source3/lib/gencache.c2
-rw-r--r--source3/passdb/secrets.c2
2 files changed, 4 insertions, 0 deletions
diff --git a/source3/lib/gencache.c b/source3/lib/gencache.c
index f3740e3e12..b94e35eff4 100644
--- a/source3/lib/gencache.c
+++ b/source3/lib/gencache.c
@@ -329,6 +329,7 @@ void gencache_iterate(void (*fn)(const char* key, const char *value, time_t time
if (!databuf.dptr || databuf.dsize <= TIMEOUT_LEN) {
SAFE_FREE(databuf.dptr);
SAFE_FREE(keystr);
+ SAFE_FREE(node->node_key.dptr);
node = node->next;
continue;
}
@@ -344,6 +345,7 @@ void gencache_iterate(void (*fn)(const char* key, const char *value, time_t time
SAFE_FREE(valstr);
SAFE_FREE(entry);
SAFE_FREE(keystr);
+ SAFE_FREE(node->node_key.dptr);
node = node->next;
}
diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c
index f91d59989f..57a539b092 100644
--- a/source3/passdb/secrets.c
+++ b/source3/passdb/secrets.c
@@ -615,6 +615,8 @@ NTSTATUS secrets_get_trusted_domains(TALLOC_CTX* ctx, int* enum_ctx, unsigned in
DEBUG(0, ("strndup failed!\n"));
return NT_STATUS_NO_MEMORY;
}
+
+ SAFE_FREE(k->node_key.dptr);
packed_pass = secrets_fetch(secrets_key, &size);
packed_size = tdb_trusted_dom_pass_unpack(packed_pass, size, pass);