r786: Memory leak fixes in (mostly) error code paths from

kawasa_r@itg.hitachi.co.jp. A couple of mem leak fixes in mainline code paths though :-). Jeremy. (This used to be commit 4695cc95fe576b6da0d0cb0686f208fc306b2646)
author: Jeremy Allison <jra@samba.org> 2004-05-19 21:49:58 +0000
committer: Gerald (Jerry) Carter <jerry@samba.org> 2007-10-10 10:51:38 -0500
commit: 8c0db1bbc469932694ed877eebecffa3d1948abd (patch)
tree: c7c9edcc3d4d57ce7477a23f00adb10baa1413c0 /source3/smbd
parent: 509c71fef5bc3c8a3ec1b99fc1b4268c4b945a4f (diff)
download: samba-8c0db1bbc469932694ed877eebecffa3d1948abd.tar.gz
samba-8c0db1bbc469932694ed877eebecffa3d1948abd.tar.bz2
samba-8c0db1bbc469932694ed877eebecffa3d1948abd.zip
2 files changed, 10 insertions, 2 deletions
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 158f1a0ede..584164e930 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -2110,8 +2110,10 @@ static canon_ace *canonicalise_acl( files_struct *fsp, SMB_ACL_T posix_acl, SMB_
 					 * entries out of the blue when setting ACLs, so a get/set
 					 * cycle will drop them.
 					 */
-					if (the_acl_type == SMB_ACL_TYPE_ACCESS && *puid == psbuf->st_uid)
+					if (the_acl_type == SMB_ACL_TYPE_ACCESS && *puid == psbuf->st_uid) {
+						SMB_VFS_SYS_ACL_FREE_QUALIFIER(conn, (void *)puid,tagtype);
 						continue;
+					}
 					uid_to_sid( &sid, *puid);
 					unix_ug.uid = *puid;
 					owner_type = UID_ACE;
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 902db2d288..8a56478929 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -150,7 +150,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
 	DATA_BLOB auth_data;
 	DATA_BLOB ap_rep, ap_rep_wrapped, response;
 	auth_serversupplied_info *server_info = NULL;
-	DATA_BLOB session_key;
+	DATA_BLOB session_key = data_blob(NULL, 0);
 	uint8 tok_id[2];
 	BOOL foreign = False;
 	DATA_BLOB nullblob = data_blob(NULL, 0);
@@ -183,6 +183,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
 	if (!p) {
 		DEBUG(3,("Doesn't look like a valid principal\n"));
 		data_blob_free(&ap_rep);
+		data_blob_free(&session_key);
 		SAFE_FREE(client);
 		return ERROR_NT(NT_STATUS_LOGON_FAILURE);
 	}
@@ -192,6 +193,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
 		DEBUG(3,("Ticket for foreign realm %s@%s\n", client, p+1));
 		if (!lp_allow_trusted_domains()) {
 			data_blob_free(&ap_rep);
+			data_blob_free(&session_key);
 			SAFE_FREE(client);
 			return ERROR_NT(NT_STATUS_LOGON_FAILURE);
 		}
@@ -249,6 +251,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
 		SAFE_FREE(user);
 		SAFE_FREE(client);
 		data_blob_free(&ap_rep);
+		data_blob_free(&session_key);
 		return ERROR_NT(NT_STATUS_LOGON_FAILURE);
 	}
 
@@ -263,6 +266,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
 		SAFE_FREE(user);
 		SAFE_FREE(client);
 		data_blob_free(&ap_rep);
+		data_blob_free(&session_key);
 		return ERROR_NT(ret);
 	}
 
@@ -274,6 +278,8 @@ static int reply_spnego_kerberos(connection_struct *conn,
         }
 
 	/* register_vuid keeps the server info */
+	/* register_vuid takes ownership of session_key, no need to free after this.
+ 	   A better interface would copy it.... */
 	sess_vuid = register_vuid(server_info, session_key, nullblob, client);
 
 	SAFE_FREE(user);
author	Jeremy Allison <jra@samba.org>	2004-05-19 21:49:58 +0000
committer	Gerald (Jerry) Carter <jerry@samba.org>	2007-10-10 10:51:38 -0500
commit	8c0db1bbc469932694ed877eebecffa3d1948abd (patch)
tree	c7c9edcc3d4d57ce7477a23f00adb10baa1413c0 /source3/smbd
parent	509c71fef5bc3c8a3ec1b99fc1b4268c4b945a4f (diff)
download	samba-8c0db1bbc469932694ed877eebecffa3d1948abd.tar.gz samba-8c0db1bbc469932694ed877eebecffa3d1948abd.tar.bz2 samba-8c0db1bbc469932694ed877eebecffa3d1948abd.zip