r23030: finally fixed up our asn1 code to use better memory allocation. This

should allow us to fix some long standing memory leaks. (This used to be commit 3db49c2ec9968221c1361785b94061046ecd159d)
author: Andrew Tridgell <tridge@samba.org> 2007-05-21 06:12:06 +0000
committer: Gerald (Jerry) Carter <jerry@samba.org> 2007-10-10 14:52:42 -0500
commit: 7bb939b1cb2b39a8271cf16d9f5fce5312a9af10 (patch)
tree: 3210fa30663556e6ff238a3c9f6d17a209bf26b4 /source4/auth
parent: 042ddf28ec036141b2457eb4bf6d2b0cec5cc790 (diff)
download: samba-7bb939b1cb2b39a8271cf16d9f5fce5312a9af10.tar.gz
samba-7bb939b1cb2b39a8271cf16d9f5fce5312a9af10.tar.bz2
samba-7bb939b1cb2b39a8271cf16d9f5fce5312a9af10.zip
3 files changed, 68 insertions, 75 deletions
diff --git a/source4/auth/gensec/spnego.c b/source4/auth/gensec/spnego.c
index 79dc0ea6e7..5c9a518cdd 100644
--- a/source4/auth/gensec/spnego.c
+++ b/source4/auth/gensec/spnego.c
@@ -711,7 +711,7 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
 		NTSTATUS nt_status;
 		if (in.length) {
 
-			len = spnego_read_data(in, &spnego);
+			len = spnego_read_data(gensec_security, in, &spnego);
 			if (len == -1) {
 				return gensec_spnego_server_try_fallback(gensec_security, spnego_state, 
 									 out_mem_ctx, in, out);
@@ -769,7 +769,7 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
 			return nt_status;
 		}
 		
-		len = spnego_read_data(in, &spnego);
+		len = spnego_read_data(gensec_security, in, &spnego);
 		
 		if (len == -1) {
 			DEBUG(1, ("Invalid SPNEGO request:\n"));
@@ -834,7 +834,7 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
 			return NT_STATUS_INVALID_PARAMETER;
 		}
 		
-		len = spnego_read_data(in, &spnego);
+		len = spnego_read_data(gensec_security, in, &spnego);
 		
 		if (len == -1) {
 			DEBUG(1, ("Invalid SPNEGO request:\n"));
@@ -880,7 +880,7 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
 			return NT_STATUS_INVALID_PARAMETER;
 		}
 		
-		len = spnego_read_data(in, &spnego);
+		len = spnego_read_data(gensec_security, in, &spnego);
 		
 		if (len == -1) {
 			DEBUG(1, ("Invalid SPNEGO request:\n"));
diff --git a/source4/auth/gensec/spnego_parse.c b/source4/auth/gensec/spnego_parse.c
index 66e24bdbe5..c768d1e847 100644
--- a/source4/auth/gensec/spnego_parse.c
+++ b/source4/auth/gensec/spnego_parse.c
@@ -26,7 +26,8 @@
 #include "auth/gensec/gensec.h"
 #include "libcli/util/asn_1.h"
 
-static BOOL read_negTokenInit(struct asn1_data *asn1, struct spnego_negTokenInit *token)
+static BOOL read_negTokenInit(struct asn1_data *asn1, TALLOC_CTX *mem_ctx,
+			      struct spnego_negTokenInit *token)
 {
 	ZERO_STRUCTP(token);
 
@@ -53,11 +54,7 @@ static BOOL read_negTokenInit(struct asn1_data *asn1, struct spnego_negTokenInit
 				token->mechTypes = talloc_realloc(NULL, 
 								  token->mechTypes, 
 								  const char *, i+2);
-				asn1_read_OID(asn1, token->mechTypes + i);
-				if (token->mechTypes[i]) {
-					talloc_steal(token->mechTypes, 
-						     token->mechTypes[i]);
-				}
+				asn1_read_OID(asn1, token->mechTypes, token->mechTypes + i);
 			}
 			token->mechTypes[i] = NULL;
 			
@@ -74,7 +71,7 @@ static BOOL read_negTokenInit(struct asn1_data *asn1, struct spnego_negTokenInit
                 /* Read mechToken */
 		case ASN1_CONTEXT(2):
 			asn1_start_tag(asn1, ASN1_CONTEXT(2));
-			asn1_read_OctetString(asn1, &token->mechToken);
+			asn1_read_OctetString(asn1, mem_ctx, &token->mechToken);
 			asn1_end_tag(asn1);
 			break;
 		/* Read mecListMIC */
@@ -87,7 +84,7 @@ static BOOL read_negTokenInit(struct asn1_data *asn1, struct spnego_negTokenInit
 				break;
 			}
 			if (type_peek == ASN1_OCTET_STRING) {
-				asn1_read_OctetString(asn1,
+				asn1_read_OctetString(asn1, mem_ctx, 
 						      &token->mechListMIC);
 			} else {
 				/* RFC 2478 says we have an Octet String here,
@@ -95,7 +92,7 @@ static BOOL read_negTokenInit(struct asn1_data *asn1, struct spnego_negTokenInit
 				char *mechListMIC;
 				asn1_push_tag(asn1, ASN1_SEQUENCE(0));
 				asn1_push_tag(asn1, ASN1_CONTEXT(0));
-				asn1_read_GeneralString(asn1, &mechListMIC);
+				asn1_read_GeneralString(asn1, mem_ctx, &mechListMIC);
 				asn1_pop_tag(asn1);
 				asn1_pop_tag(asn1);
 
@@ -179,7 +176,8 @@ static BOOL write_negTokenInit(struct asn1_data *asn1, struct spnego_negTokenIni
 	return !asn1->has_error;
 }
 
-static BOOL read_negTokenTarg(struct asn1_data *asn1, struct spnego_negTokenTarg *token)
+static BOOL read_negTokenTarg(struct asn1_data *asn1, TALLOC_CTX *mem_ctx, 
+			      struct spnego_negTokenTarg *token)
 {
 	ZERO_STRUCTP(token);
 
@@ -203,17 +201,17 @@ static BOOL read_negTokenTarg(struct asn1_data *asn1, struct spnego_negTokenTarg
 			break;
 		case ASN1_CONTEXT(1):
 			asn1_start_tag(asn1, ASN1_CONTEXT(1));
-			asn1_read_OID(asn1, &token->supportedMech);
+			asn1_read_OID(asn1, mem_ctx, &token->supportedMech);
 			asn1_end_tag(asn1);
 			break;
 		case ASN1_CONTEXT(2):
 			asn1_start_tag(asn1, ASN1_CONTEXT(2));
-			asn1_read_OctetString(asn1, &token->responseToken);
+			asn1_read_OctetString(asn1, mem_ctx, &token->responseToken);
 			asn1_end_tag(asn1);
 			break;
 		case ASN1_CONTEXT(3):
 			asn1_start_tag(asn1, ASN1_CONTEXT(3));
-			asn1_read_OctetString(asn1, &token->mechListMIC);
+			asn1_read_OctetString(asn1, mem_ctx, &token->mechListMIC);
 			asn1_end_tag(asn1);
 			break;
 		default:
@@ -265,77 +263,74 @@ static BOOL write_negTokenTarg(struct asn1_data *asn1, struct spnego_negTokenTar
 	return !asn1->has_error;
 }
 
-ssize_t spnego_read_data(DATA_BLOB data, struct spnego_data *token)
+ssize_t spnego_read_data(TALLOC_CTX *mem_ctx, DATA_BLOB data, struct spnego_data *token)
 {
-	struct asn1_data asn1;
+	struct asn1_data *asn1 = asn1_init(mem_ctx);
 	ssize_t ret = -1;
 	uint8_t context;
 
 	ZERO_STRUCTP(token);
-	ZERO_STRUCT(asn1);
 
 	if (data.length == 0) {
 		return ret;
 	}
 
-	asn1_load(&asn1, data);
+	asn1_load(asn1, data);
 
-	if (!asn1_peek_uint8(&asn1, &context)) {
-		asn1.has_error = True;
+	if (!asn1_peek_uint8(asn1, &context)) {
+		asn1->has_error = True;
 	} else {
 		switch (context) {
 		case ASN1_APPLICATION(0):
-			asn1_start_tag(&asn1, ASN1_APPLICATION(0));
-			asn1_check_OID(&asn1, GENSEC_OID_SPNEGO);
-			if (read_negTokenInit(&asn1, &token->negTokenInit)) {
+			asn1_start_tag(asn1, ASN1_APPLICATION(0));
+			asn1_check_OID(asn1, GENSEC_OID_SPNEGO);
+			if (read_negTokenInit(asn1, mem_ctx, &token->negTokenInit)) {
 				token->type = SPNEGO_NEG_TOKEN_INIT;
 			}
-			asn1_end_tag(&asn1);
+			asn1_end_tag(asn1);
 			break;
 		case ASN1_CONTEXT(1):
-			if (read_negTokenTarg(&asn1, &token->negTokenTarg)) {
+			if (read_negTokenTarg(asn1, mem_ctx, &token->negTokenTarg)) {
 				token->type = SPNEGO_NEG_TOKEN_TARG;
 			}
 			break;
 		default:
-			asn1.has_error = True;
+			asn1->has_error = True;
 			break;
 		}
 	}
 
-	if (!asn1.has_error) ret = asn1.ofs;
-	asn1_free(&asn1);
+	if (!asn1->has_error) ret = asn1->ofs;
+	asn1_free(asn1);
 
 	return ret;
 }
 
 ssize_t spnego_write_data(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, struct spnego_data *spnego)
 {
-	struct asn1_data asn1;
+	struct asn1_data *asn1 = asn1_init(mem_ctx);
 	ssize_t ret = -1;
 
-	ZERO_STRUCT(asn1);
-
 	switch (spnego->type) {
 	case SPNEGO_NEG_TOKEN_INIT:
-		asn1_push_tag(&asn1, ASN1_APPLICATION(0));
-		asn1_write_OID(&asn1, GENSEC_OID_SPNEGO);
-		write_negTokenInit(&asn1, &spnego->negTokenInit);
-		asn1_pop_tag(&asn1);
+		asn1_push_tag(asn1, ASN1_APPLICATION(0));
+		asn1_write_OID(asn1, GENSEC_OID_SPNEGO);
+		write_negTokenInit(asn1, &spnego->negTokenInit);
+		asn1_pop_tag(asn1);
 		break;
 	case SPNEGO_NEG_TOKEN_TARG:
-		write_negTokenTarg(&asn1, &spnego->negTokenTarg);
+		write_negTokenTarg(asn1, &spnego->negTokenTarg);
 		break;
 	default:
-		asn1.has_error = True;
+		asn1->has_error = True;
 		break;
 	}
 
-	if (!asn1.has_error) {
-		*blob = data_blob_talloc(mem_ctx, asn1.data, asn1.length);
-		ret = asn1.ofs;
+	if (!asn1->has_error) {
+		*blob = data_blob_talloc(mem_ctx, asn1->data, asn1->length);
+		ret = asn1->ofs;
 	}
-	asn1_free(&asn1);
+	asn1_free(asn1);
 
 	return ret;
 }
diff --git a/source4/auth/kerberos/gssapi_parse.c b/source4/auth/kerberos/gssapi_parse.c
index cc9565a040..86a9e9554a 100644
--- a/source4/auth/kerberos/gssapi_parse.c
+++ b/source4/auth/kerberos/gssapi_parse.c
@@ -31,30 +31,28 @@
 */
 DATA_BLOB gensec_gssapi_gen_krb5_wrap(TALLOC_CTX *mem_ctx, const DATA_BLOB *ticket, const uint8_t tok_id[2])
 {
-	struct asn1_data data;
+	struct asn1_data *data = asn1_init(mem_ctx);
 	DATA_BLOB ret;
 
-	if (!ticket->data) {
+	if (!data || !ticket->data) {
 		return data_blob(NULL,0);
 	}
 
-	ZERO_STRUCT(data);
+	asn1_push_tag(data, ASN1_APPLICATION(0));
+	asn1_write_OID(data, GENSEC_OID_KERBEROS5);
 
-	asn1_push_tag(&data, ASN1_APPLICATION(0));
-	asn1_write_OID(&data, GENSEC_OID_KERBEROS5);
+	asn1_write(data, tok_id, 2);
+	asn1_write(data, ticket->data, ticket->length);
+	asn1_pop_tag(data);
 
-	asn1_write(&data, tok_id, 2);
-	asn1_write(&data, ticket->data, ticket->length);
-	asn1_pop_tag(&data);
-
-	if (data.has_error) {
-		DEBUG(1,("Failed to build krb5 wrapper at offset %d\n", (int)data.ofs));
-		asn1_free(&data);
+	if (data->has_error) {
+		DEBUG(1,("Failed to build krb5 wrapper at offset %d\n", (int)data->ofs));
+		asn1_free(data);
 		return data_blob(NULL,0);
 	}
 
-	ret = data_blob_talloc(mem_ctx, data.data, data.length);
-	asn1_free(&data);
+	ret = data_blob_talloc(mem_ctx, data->data, data->length);
+	asn1_free(data);
 
 	return ret;
 }
@@ -65,29 +63,29 @@ DATA_BLOB gensec_gssapi_gen_krb5_wrap(TALLOC_CTX *mem_ctx, const DATA_BLOB *tick
 BOOL gensec_gssapi_parse_krb5_wrap(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, DATA_BLOB *ticket, uint8_t tok_id[2])
 {
 	BOOL ret;
-	struct asn1_data data;
+	struct asn1_data *data = asn1_init(mem_ctx);
 	int data_remaining;
 
-	asn1_load(&data, *blob);
-	asn1_start_tag(&data, ASN1_APPLICATION(0));
-	asn1_check_OID(&data, GENSEC_OID_KERBEROS5);
+	asn1_load(data, *blob);
+	asn1_start_tag(data, ASN1_APPLICATION(0));
+	asn1_check_OID(data, GENSEC_OID_KERBEROS5);
 
-	data_remaining = asn1_tag_remaining(&data);
+	data_remaining = asn1_tag_remaining(data);
 
 	if (data_remaining < 3) {
-		data.has_error = True;
+		data->has_error = True;
 	} else {
-		asn1_read(&data, tok_id, 2);
+		asn1_read(data, tok_id, 2);
 		data_remaining -= 2;
 		*ticket = data_blob_talloc(mem_ctx, NULL, data_remaining);
-		asn1_read(&data, ticket->data, ticket->length);
+		asn1_read(data, ticket->data, ticket->length);
 	}
 
-	asn1_end_tag(&data);
+	asn1_end_tag(data);
 
-	ret = !data.has_error;
+	ret = !data->has_error;
 
-	asn1_free(&data);
+	asn1_free(data);
 
 	return ret;
 }
@@ -99,15 +97,15 @@ BOOL gensec_gssapi_parse_krb5_wrap(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, D
 BOOL gensec_gssapi_check_oid(const DATA_BLOB *blob, const char *oid)
 {
 	BOOL ret;
-	struct asn1_data data;
+	struct asn1_data *data = asn1_init(NULL);
 
-	asn1_load(&data, *blob);
-	asn1_start_tag(&data, ASN1_APPLICATION(0));
-	asn1_check_OID(&data, oid);
+	asn1_load(data, *blob);
+	asn1_start_tag(data, ASN1_APPLICATION(0));
+	asn1_check_OID(data, oid);
 
-	ret = !data.has_error;
+	ret = !data->has_error;
 
-	asn1_free(&data);
+	asn1_free(data);
 
 	return ret;
 }
author	Andrew Tridgell <tridge@samba.org>	2007-05-21 06:12:06 +0000
committer	Gerald (Jerry) Carter <jerry@samba.org>	2007-10-10 14:52:42 -0500
commit	7bb939b1cb2b39a8271cf16d9f5fce5312a9af10 (patch)
tree	3210fa30663556e6ff238a3c9f6d17a209bf26b4 /source4/auth
parent	042ddf28ec036141b2457eb4bf6d2b0cec5cc790 (diff)
download	samba-7bb939b1cb2b39a8271cf16d9f5fce5312a9af10.tar.gz samba-7bb939b1cb2b39a8271cf16d9f5fce5312a9af10.tar.bz2 samba-7bb939b1cb2b39a8271cf16d9f5fce5312a9af10.zip