diff options
author | Jeremy Allison <jra@samba.org> | 2011-11-03 14:30:11 -0700 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2011-11-04 00:09:45 +0100 |
commit | 767c54d8dd9596718579699398392ae234b40aa2 (patch) | |
tree | 23c2cc841c52e673b24c614a3d9b18c19884d7ef | |
parent | 1dbffa70ae42dc254abbea0b7a958044a621996d (diff) | |
download | samba-767c54d8dd9596718579699398392ae234b40aa2.tar.gz samba-767c54d8dd9596718579699398392ae234b40aa2.tar.bz2 samba-767c54d8dd9596718579699398392ae234b40aa2.zip |
Fix bug #8562 - talloc: double free error.
Ensure we don't access an undefined pointer.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Nov 4 00:09:46 CET 2011 on sn-devel-104
-rw-r--r-- | source3/rpc_server/netlogon/srv_netlog_nt.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c index b817545937..26b92c8618 100644 --- a/source3/rpc_server/netlogon/srv_netlog_nt.c +++ b/source3/rpc_server/netlogon/srv_netlog_nt.c @@ -1287,7 +1287,7 @@ NTSTATUS _netr_ServerPasswordSet2(struct pipes_struct *p, struct netr_ServerPasswordSet2 *r) { NTSTATUS status; - struct netlogon_creds_CredentialState *creds; + struct netlogon_creds_CredentialState *creds = NULL; DATA_BLOB plaintext; struct samr_CryptPassword password_buf; struct samr_Password nt_hash; @@ -1301,9 +1301,14 @@ NTSTATUS _netr_ServerPasswordSet2(struct pipes_struct *p, unbecome_root(); if (!NT_STATUS_IS_OK(status)) { + const char *computer_name = "<unknown>"; + + if (creds && creds->computer_name) { + computer_name = creds->computer_name; + } DEBUG(2,("_netr_ServerPasswordSet2: netlogon_creds_server_step " "failed. Rejecting auth request from client %s machine account %s\n", - r->in.computer_name, creds->computer_name)); + r->in.computer_name, computer_name)); TALLOC_FREE(creds); return status; } @@ -1313,6 +1318,7 @@ NTSTATUS _netr_ServerPasswordSet2(struct pipes_struct *p, netlogon_creds_arcfour_crypt(creds, password_buf.data, 516); if (!extract_pw_from_buffer(p->mem_ctx, password_buf.data, &plaintext)) { + TALLOC_FREE(creds); return NT_STATUS_WRONG_PASSWORD; } @@ -1323,6 +1329,7 @@ NTSTATUS _netr_ServerPasswordSet2(struct pipes_struct *p, p->msg_ctx, creds->account_name, &nt_hash); + TALLOC_FREE(creds); return status; } |