diff options
| author | Volker Lendecke <vl@samba.org> | 2011-03-05 12:57:59 +0100 |
|---|---|---|
| committer | Volker Lendecke <vlendec@samba.org> | 2011-03-05 14:08:37 +0100 |
| commit | dcbfb6fc0b9050168e2010673caccb7ec8807bd1 (patch) | |
| tree | 175575b07e844d04351107598c342002084e1542 /source3/auth/check_samsec.c | |
| parent | f1a5109565cc178242acd33d9d1eb2fd80229e2c (diff) | |
| download | samba-dcbfb6fc0b9050168e2010673caccb7ec8807bd1.tar.gz samba-dcbfb6fc0b9050168e2010673caccb7ec8807bd1.tar.bz2 samba-dcbfb6fc0b9050168e2010673caccb7ec8807bd1.zip | |
s3: Fix a memory leak in check_sam_security_info3
Abartlet, this commit makes check_sam_security_info3 use talloc_tos() and also
cleans up the temporary talloc stackframe.
The old code created a temporary talloc context off "mem_ctx" but failed to
clean up the tmp_ctx in all but one return paths.
talloc_stackframe()/talloc_tos() is designed as a defense against exactly this
error: Even if we failed to free the frame when returning from the routine, it
would be cleaned up very soon, in our main event loop.
Please check this patch!
Thanks,
Volker
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sat Mar 5 14:08:37 CET 2011 on sn-devel-104
Diffstat (limited to 'source3/auth/check_samsec.c')
| -rw-r--r-- | source3/auth/check_samsec.c | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/source3/auth/check_samsec.c b/source3/auth/check_samsec.c index 299f43a1e9..db5f68fdfe 100644 --- a/source3/auth/check_samsec.c +++ b/source3/auth/check_samsec.c @@ -519,29 +519,31 @@ NTSTATUS check_sam_security_info3(const DATA_BLOB *challenge, struct auth_serversupplied_info *server_info = NULL; struct netr_SamInfo3 *info3; NTSTATUS status; - TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); - if (!tmp_ctx) { - return NT_STATUS_NO_MEMORY; - } - status = check_sam_security(challenge, tmp_ctx, user_info, &server_info); + TALLOC_CTX *frame = talloc_stackframe(); + + status = check_sam_security(challenge, talloc_tos(), user_info, + &server_info); if (!NT_STATUS_IS_OK(status)) { DEBUG(10, ("check_sam_security failed: %s\n", nt_errstr(status))); - return status; + goto done; } info3 = TALLOC_ZERO_P(mem_ctx, struct netr_SamInfo3); if (info3 == NULL) { - talloc_free(tmp_ctx); - return NT_STATUS_NO_MEMORY; + status = NT_STATUS_NO_MEMORY; + goto done; } status = serverinfo_to_SamInfo3(server_info, NULL, 0, info3); if (!NT_STATUS_IS_OK(status)) { DEBUG(10, ("serverinfo_to_SamInfo3 failed: %s\n", nt_errstr(status))); - return status; + goto done; } *pinfo3 = info3; - return NT_STATUS_OK; + status = NT_STATUS_OK; +done: + TALLOC_FREE(frame); + return status; } |