auth/ntlmssp: Avoid use-after-free of user_info after logon failure at log level 5

Reviewed-by: Jeremy Allison <jra@samba.org>
author: Andrew Bartlett <abartlet@samba.org> 2013-03-15 13:00:55 +1100
committer: Jeremy Allison <jra@samba.org> 2013-03-27 09:28:50 -0700
commit: 1dcd75df4941d7032a66d3fbb86ac76964444a3f (patch)
tree: 882191720b468c40d1ef82cfd397adc286d4806a /auth
parent: e8657887a9c1deadbd4e98c8b66cd46bdf36402a (diff)
download: samba-1dcd75df4941d7032a66d3fbb86ac76964444a3f.tar.gz
samba-1dcd75df4941d7032a66d3fbb86ac76964444a3f.tar.bz2
samba-1dcd75df4941d7032a66d3fbb86ac76964444a3f.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/auth/ntlmssp/ntlmssp_server.c b/auth/ntlmssp/ntlmssp_server.c
index d9bea1cde4..442bd5db49 100644
--- a/auth/ntlmssp/ntlmssp_server.c
+++ b/auth/ntlmssp/ntlmssp_server.c
@@ -449,11 +449,11 @@ static NTSTATUS ntlmssp_server_check_password(struct gensec_security *gensec_sec
 							      &gensec_ntlmssp->server_returned_info,
 							      user_session_key, lm_session_key);
 	}
-	talloc_free(user_info);
 
 	if (!NT_STATUS_IS_OK(nt_status)) {
 		DEBUG(5, (__location__ ": Checking NTLMSSP password for %s\\%s failed: %s\n", user_info->client.domain_name, user_info->client.account_name, nt_errstr(nt_status)));
 	}
+	TALLOC_FREE(user_info);
 
 	NT_STATUS_NOT_OK_RETURN(nt_status);
author	Andrew Bartlett <abartlet@samba.org>	2013-03-15 13:00:55 +1100
committer	Jeremy Allison <jra@samba.org>	2013-03-27 09:28:50 -0700
commit	1dcd75df4941d7032a66d3fbb86ac76964444a3f (patch)
tree	882191720b468c40d1ef82cfd397adc286d4806a /auth
parent	e8657887a9c1deadbd4e98c8b66cd46bdf36402a (diff)
download	samba-1dcd75df4941d7032a66d3fbb86ac76964444a3f.tar.gz samba-1dcd75df4941d7032a66d3fbb86ac76964444a3f.tar.bz2 samba-1dcd75df4941d7032a66d3fbb86ac76964444a3f.zip