diff options
| author | Simo Sorce <idra@samba.org> | 2006-10-15 23:14:19 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:21:04 -0500 |
| commit | 59b66744f7318d8197f0d2029bf3b641dafa327e (patch) | |
| tree | 03d44cfb4bc655088a411552743531246e06974b /source4/auth/gensec | |
| parent | a719444f68c7448f53ce61dc9f02e552a98fedcf (diff) | |
| download | samba-59b66744f7318d8197f0d2029bf3b641dafa327e.tar.gz samba-59b66744f7318d8197f0d2029bf3b641dafa327e.tar.bz2 samba-59b66744f7318d8197f0d2029bf3b641dafa327e.zip | |
r19299: Fix possible memleaks
(This used to be commit 6fad80bb09113a60689061a2de67711c9924708b)
Diffstat (limited to 'source4/auth/gensec')
| -rw-r--r-- | source4/auth/gensec/schannel_state.c | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/source4/auth/gensec/schannel_state.c b/source4/auth/gensec/schannel_state.c index e8d0f8388b..855f159981 100644 --- a/source4/auth/gensec/schannel_state.c +++ b/source4/auth/gensec/schannel_state.c @@ -198,12 +198,14 @@ NTSTATUS schannel_fetch_session_key_ldb(TALLOC_CTX *mem_ctx, ret = ldb_search(ldb, NULL, LDB_SCOPE_SUBTREE, expr, NULL, &res); if (ret != LDB_SUCCESS || res->count != 1) { DEBUG(3,("schannel: Failed to find a record for client: %s\n", computer_name)); + talloc_free(res); return NT_STATUS_INVALID_HANDLE; } val = ldb_msg_find_ldb_val(res->msgs[0], "sessionKey"); if (val == NULL || val->length != 16) { DEBUG(1,("schannel: record in schannel DB must contain a sessionKey of length 16, when searching for client: %s\n", computer_name)); + talloc_free(res); return NT_STATUS_INTERNAL_ERROR; } @@ -212,6 +214,7 @@ NTSTATUS schannel_fetch_session_key_ldb(TALLOC_CTX *mem_ctx, val = ldb_msg_find_ldb_val(res->msgs[0], "seed"); if (val == NULL || val->length != 8) { DEBUG(1,("schannel: record in schannel DB must contain a vaid seed of length 8, when searching for client: %s\n", computer_name)); + talloc_free(res); return NT_STATUS_INTERNAL_ERROR; } @@ -220,6 +223,7 @@ NTSTATUS schannel_fetch_session_key_ldb(TALLOC_CTX *mem_ctx, val = ldb_msg_find_ldb_val(res->msgs[0], "clientState"); if (val == NULL || val->length != 8) { DEBUG(1,("schannel: record in schannel DB must contain a vaid clientState of length 8, when searching for client: %s\n", computer_name)); + talloc_free(res); return NT_STATUS_INTERNAL_ERROR; } memcpy((*creds)->client.data, val->data, 8); @@ -227,6 +231,7 @@ NTSTATUS schannel_fetch_session_key_ldb(TALLOC_CTX *mem_ctx, val = ldb_msg_find_ldb_val(res->msgs[0], "serverState"); if (val == NULL || val->length != 8) { DEBUG(1,("schannel: record in schannel DB must contain a vaid serverState of length 8, when searching for client: %s\n", computer_name)); + talloc_free(res); return NT_STATUS_INTERNAL_ERROR; } memcpy((*creds)->server.data, val->data, 8); @@ -235,14 +240,27 @@ NTSTATUS schannel_fetch_session_key_ldb(TALLOC_CTX *mem_ctx, (*creds)->secure_channel_type = ldb_msg_find_attr_as_int(res->msgs[0], "secureChannelType", 0); - (*creds)->account_name = talloc_reference(*creds, ldb_msg_find_attr_as_string(res->msgs[0], "accountName", NULL)); + (*creds)->account_name = talloc_strdup(*creds, ldb_msg_find_attr_as_string(res->msgs[0], "accountName", NULL)); + if ((*creds)->account_name == NULL) { + talloc_free(res); + return NT_STATUS_NO_MEMORY; + } - (*creds)->computer_name = talloc_reference(*creds, ldb_msg_find_attr_as_string(res->msgs[0], "computerName", NULL)); + (*creds)->computer_name = talloc_strdup(*creds, ldb_msg_find_attr_as_string(res->msgs[0], "computerName", NULL)); + if ((*creds)->computer_name == NULL) { + talloc_free(res); + return NT_STATUS_NO_MEMORY; + } - (*creds)->domain = talloc_reference(*creds, ldb_msg_find_attr_as_string(res->msgs[0], "flatname", NULL)); + (*creds)->domain = talloc_strdup(*creds, ldb_msg_find_attr_as_string(res->msgs[0], "flatname", NULL)); + if ((*creds)->domain == NULL) { + talloc_free(res); + return NT_STATUS_NO_MEMORY; + } (*creds)->sid = samdb_result_dom_sid(*creds, res->msgs[0], "objectSid"); + talloc_free(res); return NT_STATUS_OK; } |