s4-param: Fix more memory leaks, invalid memory context.

3 files changed, 71 insertions, 19 deletions

diff --git a/source4/auth/credentials/pycredentials.c b/source4/auth/credentials/pycredentials.c
index e1a74037ec..879d906d6f 100644
--- a/source4/auth/credentials/pycredentials.c
+++ b/source4/auth/credentials/pycredentials.c
@@ -207,6 +207,7 @@ static PyObject *py_creds_guess(py_talloc_Object *self, PyObject *args)
 {
 	PyObject *py_lp_ctx = Py_None;
 	struct loadparm_context *lp_ctx;
+	TALLOC_CTX *mem_ctx;
 	struct cli_credentials *creds;
 
 	creds = PyCredentials_AsCliCredentials(self);
@@ -214,13 +215,21 @@ static PyObject *py_creds_guess(py_talloc_Object *self, PyObject *args)
 	if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx))
 		return NULL;
 
-	lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx);
-	if (lp_ctx == NULL)
+	mem_ctx = talloc_new(NULL);
+	if (mem_ctx == NULL) {
+		PyErr_NoMemory();
 		return NULL;
+	}
+
+	lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
+	if (lp_ctx == NULL) {
+		talloc_free(mem_ctx);
+		return NULL;
+	}
 
 	cli_credentials_guess(creds, lp_ctx);
 
-	talloc_free(lp_ctx);
+	talloc_free(mem_ctx);
 
 	Py_RETURN_NONE;
 }
@@ -231,18 +240,27 @@ static PyObject *py_creds_set_machine_account(py_talloc_Object *self, PyObject *
 	struct loadparm_context *lp_ctx;
 	NTSTATUS status;
 	struct cli_credentials *creds;
+	TALLOC_CTX *mem_ctx;
 
 	creds = PyCredentials_AsCliCredentials(self);
 
 	if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx))
 		return NULL;
 
-	lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx);
-	if (lp_ctx == NULL)
+	mem_ctx = talloc_new(NULL);
+	if (mem_ctx == NULL) {
+		PyErr_NoMemory();
 		return NULL;
+	}
+
+	lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
+	if (lp_ctx == NULL) {
+		talloc_free(mem_ctx);
+		return NULL;
+	}
 
 	status = cli_credentials_set_machine_account(creds, lp_ctx);
-	talloc_free(lp_ctx);
+	talloc_free(mem_ctx);
 
 	PyErr_NTSTATUS_IS_ERR_RAISE(status);
 
@@ -278,29 +296,39 @@ static PyObject *py_creds_get_named_ccache(py_talloc_Object *self, PyObject *arg
 	int ret;
 	const char *error_string;
 	struct cli_credentials *creds;
+	TALLOC_CTX *mem_ctx;
 
 	creds = PyCredentials_AsCliCredentials(self);
 
 	if (!PyArg_ParseTuple(args, "|Os", &py_lp_ctx, &ccache_name))
 		return NULL;
 
-	lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx); /* FIXME: leaky */
-	if (lp_ctx == NULL)
+	mem_ctx = talloc_new(NULL);
+	if (mem_ctx == NULL) {
+		PyErr_NoMemory();
+		return NULL;
+	}
+
+	lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
+	if (lp_ctx == NULL) {
+		talloc_free(mem_ctx);
 		return NULL;
+	}
 
-	event_ctx = tevent_context_init(NULL);
+	event_ctx = tevent_context_init(mem_ctx);
 
 	ret = cli_credentials_get_named_ccache(creds, event_ctx, lp_ctx,
 					       ccache_name, &ccc, &error_string);
 	talloc_free(lp_ctx);
 	if (ret == 0) {
 		talloc_steal(ccc, event_ctx);
+		talloc_free(mem_ctx);
 		return PyCredentialCacheContainer_from_ccache_container(ccc);
 	}
 
 	PyErr_SetString(PyExc_RuntimeError, error_string?error_string:"NULL");
 
-	talloc_free(event_ctx);
+	talloc_free(mem_ctx);
 	return NULL;
 }
 
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index f28ab95dbd..d2f19e961e 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -360,7 +360,7 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
 					    hostname, lpcfg_realm(gensec_security->settings->lp_ctx));
 
 		name_type = GSS_C_NT_USER_NAME;
-	}		
+	}
 	name_token.value  = discard_const_p(uint8_t, principal);
 	name_token.length = strlen(principal);
 
diff --git a/source4/auth/pyauth.c b/source4/auth/pyauth.c
index a66411bb4a..c2a5e408c7 100644
--- a/source4/auth/pyauth.c
+++ b/source4/auth/pyauth.c
@@ -43,16 +43,25 @@ static PyObject *py_system_session(PyObject *module, PyObject *args)
 	PyObject *py_lp_ctx = Py_None;
 	struct loadparm_context *lp_ctx = NULL;
 	struct auth_session_info *session;
+	TALLOC_CTX *mem_ctx;
 	if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx))
 		return NULL;
 
-	lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx);
-	if (lp_ctx == NULL)
+	mem_ctx = talloc_new(NULL);
+	if (mem_ctx == NULL) {
+		PyErr_NoMemory();
 		return NULL;
+	}
+
+	lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
+	if (lp_ctx == NULL) {
+		talloc_free(mem_ctx);
+		return NULL;
+	}
 
 	session = system_session(lp_ctx);
 
-	talloc_free(lp_ctx);
+	talloc_free(mem_ctx);
 
 	return PyAuthSession_FromSession(session);
 }
@@ -65,17 +74,32 @@ static PyObject *py_admin_session(PyObject *module, PyObject *args)
 	struct loadparm_context *lp_ctx = NULL;
 	struct auth_session_info *session;
 	struct dom_sid *domain_sid = NULL;
+	TALLOC_CTX *mem_ctx;
+
 	if (!PyArg_ParseTuple(args, "OO", &py_lp_ctx, &py_sid))
 		return NULL;
 
-	lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx);
-	if (lp_ctx == NULL)
+	mem_ctx = talloc_new(NULL);
+	if (mem_ctx == NULL) {
+		PyErr_NoMemory();
 		return NULL;
+	}
 
-	domain_sid = dom_sid_parse_talloc(NULL, PyString_AsString(py_sid));
-	session = admin_session(NULL, lp_ctx, domain_sid);
+	lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
+	if (lp_ctx == NULL) {
+		talloc_free(mem_ctx);
+		return NULL;
+	}
 
-	talloc_free(lp_ctx);
+	domain_sid = dom_sid_parse_talloc(mem_ctx, PyString_AsString(py_sid));
+	if (domain_sid == NULL) {
+		PyErr_Format(PyExc_RuntimeError, "Unable to parse sid %s", 
+					 PyString_AsString(py_sid));
+		talloc_free(mem_ctx);
+		return NULL;
+	}
+	session = admin_session(NULL, lp_ctx, domain_sid);
+	talloc_free(mem_ctx);
 
 	return PyAuthSession_FromSession(session);
 }