r533: More memory leak fixes from kawasa_r@itg.hitachi.co.jp. I need to

valgrind winbindd with these in....
Jeremy.
(This used to be commit fa4774b73d338a0c0df09f23cd738279bf4e71a2)

1 files changed, 32 insertions, 8 deletions

diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c
index 1ab71c6ee5..971156ae61 100644
--- a/source3/libads/sasl.c
+++ b/source3/libads/sasl.c
@@ -29,12 +29,12 @@
 static ADS_STATUS ads_sasl_spnego_ntlmssp_bind(ADS_STRUCT *ads)
 {
 	const char *mechs[] = {OID_NTLMSSP, NULL};
-	DATA_BLOB msg1;
+	DATA_BLOB msg1 = data_blob(NULL, 0);
 	DATA_BLOB blob, chal1, chal2, auth;
 	uint8 challenge[8];
 	uint8 nthash[24], lmhash[24], sess_key[16];
 	uint32 neg_flags;
-	struct berval cred, *scred;
+	struct berval cred, *scred = NULL;
 	ADS_STATUS status;
 	int rc;
 
@@ -70,6 +70,7 @@ static ADS_STATUS ads_sasl_spnego_ntlmssp_bind(ADS_STRUCT *ads)
 	}
 
 	blob = data_blob(scred->bv_val, scred->bv_len);
+	ber_bvfree(scred);
 
 	/* the server gives us back two challenges */
 	if (!spnego_parse_challenge(blob, &chal1, &chal2)) {
@@ -105,15 +106,29 @@ static ADS_STATUS ads_sasl_spnego_ntlmssp_bind(ADS_STRUCT *ads)
 
 	data_blob_free(&blob);
 
+	/* Remember to free the msg1 blob. The contents of this
+	   have been copied into cred and need freeing before reassignment. */
+	data_blob_free(&msg1);
+
 	/* now send the auth packet and we should be done */
 	cred.bv_val = (char *)auth.data;
 	cred.bv_len = auth.length;
 
 	rc = ldap_sasl_bind_s(ads->ld, NULL, "GSS-SPNEGO", &cred, NULL, NULL, &scred);
 
+	ber_bvfree(scred);
+	data_blob_free(&auth);
+	
 	return ADS_ERROR(rc);
 
 failed:
+
+	/* Remember to free the msg1 blob. The contents of this
+	   have been copied into cred and need freeing. */
+	data_blob_free(&msg1);
+
+	if(scred)
+		ber_bvfree(scred);
 	return status;
 }
 
@@ -122,9 +137,9 @@ failed:
 */
 static ADS_STATUS ads_sasl_spnego_krb5_bind(ADS_STRUCT *ads, const char *principal)
 {
-	DATA_BLOB blob;
-	struct berval cred, *scred;
-	DATA_BLOB session_key;
+	DATA_BLOB blob = data_blob(NULL, 0);
+	struct berval cred, *scred = NULL;
+	DATA_BLOB session_key = data_blob(NULL, 0);
 	int rc;
 
 	rc = spnego_gen_negTokenTarg(principal, ads->auth.time_offset, &blob, &session_key);
@@ -141,6 +156,8 @@ static ADS_STATUS ads_sasl_spnego_krb5_bind(ADS_STRUCT *ads, const char *princip
 
 	data_blob_free(&blob);
 	data_blob_free(&session_key);
+	if(scred)
+		ber_bvfree(scred);
 
 	return ADS_ERROR(rc);
 }
@@ -154,7 +171,7 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads)
 	int rc, i;
 	ADS_STATUS status;
 	DATA_BLOB blob;
-	char *principal;
+	char *principal = NULL;
 	char *OIDs[ASN1_MAX_OIDS];
 	BOOL got_kerberos_mechanism = False;
 
@@ -197,8 +214,10 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads)
 	if (!(ads->auth.flags & ADS_AUTH_DISABLE_KERBEROS) &&
 	    got_kerberos_mechanism) {
 		status = ads_sasl_spnego_krb5_bind(ads, principal);
-		if (ADS_ERR_OK(status))
+		if (ADS_ERR_OK(status)) {
+			SAFE_FREE(principal);
 			return status;
+		}
 
 		status = ADS_ERROR_KRB5(ads_kinit_password(ads)); 
 
@@ -209,11 +228,14 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads)
 		/* only fallback to NTLMSSP if allowed */
 		if (ADS_ERR_OK(status) || 
 		    !(ads->auth.flags & ADS_AUTH_ALLOW_NTLMSSP)) {
+			SAFE_FREE(principal);
 			return status;
 		}
 	}
 #endif
 
+	SAFE_FREE(principal);
+
 	/* lets do NTLMSSP ... this has the big advantage that we don't need
 	   to sync clocks, and we don't rely on special versions of the krb5 
 	   library for HMAC_MD4 encryption */
@@ -242,7 +264,7 @@ static ADS_STATUS ads_sasl_gssapi_bind(ADS_STRUCT *ads)
 	gss_buffer_desc output_token, input_token;
 	uint32 ret_flags, conf_state;
 	struct berval cred;
-	struct berval *scred;
+	struct berval *scred = NULL;
 	int i=0;
 	int gss_rc, rc;
 	uint8 *p;
@@ -385,6 +407,8 @@ static ADS_STATUS ads_sasl_gssapi_bind(ADS_STRUCT *ads)
 	gss_release_buffer(&minor_status, &input_token);
 
 failed:
+	if(scred)
+		ber_bvfree(scred);
 	return status;
 }
 #endif