Ok - this is a *BIG* change - but it fixes the problems with static strings

in the RPC code. This change was prompted by trying to save a long (>256)
character comment in the printer properties page.

The new system associates a TALLOC_CTX with the pipe struct, and frees
the pool on return of a complete PDU.

A global TALLOC_CTX is used for the odd buffer allocated in the BUFFERxx
code, and is freed in the main loop.

This code works with insure, and seems to be free of memory leaks and
crashes (so far) but there are probably the occasional problem with
code that uses UNISTRxx structs on the stack and expects them to contain
storage without doing a init_unistrXX().

This means that rpcclient will probably be horribly broken.
A TALLOC_CTX also needed associating with the struct cli_state also,
to make the prs_xx code there work.

The main interface change is the addition of a TALLOC_CTX to the
prs_init calls - used for dynamic allocation in the prs_XXX calls.

Now this is in place it should make dynamic allocation of all RPC
memory on unmarshall *much* easier to fix.

Jeremy.
(This used to be commit 0ff2ce543ee54f7364e6d839db6d06e7ef1edcf4)

1 files changed, 20 insertions, 3 deletions

diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c
index 77f2ec47da..0161ee05e8 100644
--- a/source3/printing/nt_printing.c
+++ b/source3/printing/nt_printing.c
@@ -1815,9 +1815,14 @@ uint32 nt_printing_setsec(char *printername, SEC_DESC_BUF *secdesc_ctr)
 	SEC_DESC_BUF *new_secdesc_ctr = NULL;
 	SEC_DESC_BUF *old_secdesc_ctr = NULL;
 	prs_struct ps;
+	TALLOC_CTX *mem_ctx = NULL;
 	fstring key;
 	uint32 status;
 
+	mem_ctx = talloc_init();
+	if (mem_ctx == NULL)
+		return False;
+
         /* The old owner and group sids of the security descriptor are not
 	   present when new ACEs are added or removed by changing printer
 	   permissions through NT.  If they are NULL in the new security
@@ -1864,7 +1869,7 @@ uint32 nt_printing_setsec(char *printername, SEC_DESC_BUF *secdesc_ctr)
 	/* Store the security descriptor in a tdb */
 
 	prs_init(&ps, (uint32)sec_desc_size(new_secdesc_ctr->sec) + 
-		 sizeof(SEC_DESC_BUF), 4, MARSHALL);
+		 sizeof(SEC_DESC_BUF), 4, mem_ctx, MARSHALL);
 
 	if (!sec_io_desc_buf("nt_printing_setsec", &new_secdesc_ctr, 
 			     &ps, 1)) {
@@ -1891,6 +1896,8 @@ uint32 nt_printing_setsec(char *printername, SEC_DESC_BUF *secdesc_ctr)
 	}
 
 	prs_mem_free(&ps);
+	if (mem_ctx)
+		talloc_destroy(mem_ctx);
 	return status;
 }
 
@@ -1967,20 +1974,28 @@ static SEC_DESC_BUF *construct_default_printer_sdb(void)
 BOOL nt_printing_getsec(char *printername, SEC_DESC_BUF **secdesc_ctr)
 {
 	prs_struct ps;
+	TALLOC_CTX *mem_ctx = NULL;
 	fstring key;
 
+	mem_ctx = talloc_init();
+	if (mem_ctx == NULL)
+		return False;
+
 	/* Fetch security descriptor from tdb */
 
 	slprintf(key, sizeof(key), "SECDESC/%s", printername);
 
-	if (tdb_prs_fetch(tdb, key, &ps)!=0 ||
+	if (tdb_prs_fetch(tdb, key, &ps, mem_ctx)!=0 ||
 	    !sec_io_desc_buf("nt_printing_getsec", secdesc_ctr, &ps, 1)) {
 
 		DEBUG(4,("using default secdesc for %s\n", printername));
 
-		if (!(*secdesc_ctr = construct_default_printer_sdb()))
+		if (!(*secdesc_ctr = construct_default_printer_sdb())) {
+			talloc_destroy(mem_ctx);
 			return False;
+		}
 
+		talloc_destroy(mem_ctx);
 		return True;
 	}
 
@@ -2028,6 +2043,7 @@ BOOL nt_printing_getsec(char *printername, SEC_DESC_BUF **secdesc_ctr)
 	}
 
 	prs_mem_free(&ps);
+	talloc_destroy(mem_ctx);
 	return True;
 }
 
@@ -2123,3 +2139,4 @@ BOOL print_access_check(struct current_user *user, int snum,
 
 	return result;
 }
+#undef OLD_NTDOMAIN