diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2005-08-01 22:04:25 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:30:16 -0500 |
| commit | 46a41994c9a0f62c19b6319813ff50126f2b214a (patch) | |
| tree | 34d842e438a9d16b23a7c467b4236e20ff975b9c /source4/utils/ntlm_auth.c | |
| parent | 901d7594b380b4e9832b5b530c87c208a9f874ba (diff) | |
| download | samba-46a41994c9a0f62c19b6319813ff50126f2b214a.tar.gz samba-46a41994c9a0f62c19b6319813ff50126f2b214a.tar.bz2 samba-46a41994c9a0f62c19b6319813ff50126f2b214a.zip | |
r8901: Fix ntlm_auth segfault (invalid free()). We have moved to talloc
here.
Andrew Bartlett
(This used to be commit b341bd4487f81a48de2e479e85d90f64c7f071e0)
Diffstat (limited to 'source4/utils/ntlm_auth.c')
| -rw-r--r-- | source4/utils/ntlm_auth.c | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/source4/utils/ntlm_auth.c b/source4/utils/ntlm_auth.c index 809f155174..1431f7f415 100644 --- a/source4/utils/ntlm_auth.c +++ b/source4/utils/ntlm_auth.c @@ -300,6 +300,8 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode, BOOL first = False; const char *reply_code; struct cli_credentials *creds; + + TALLOC_CTX *mem_ctx; if (strlen(buf) < 2) { DEBUG(1, ("query [%s] invalid", buf)); @@ -413,6 +415,9 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode, return; } + /* update */ + mem_ctx = talloc_named(NULL, 0, "manage_gensec_request internal mem_ctx"); + if (strncmp(buf, "UG", 2) == 0) { int i; char *grouplist = NULL; @@ -426,7 +431,7 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode, } /* get the string onto the context */ - grouplist = talloc_strdup(session_info, ""); + grouplist = talloc_strdup(mem_ctx, ""); for (i=0; i<session_info->security_token->num_sids; i++) { struct security_token *token = session_info->security_token; @@ -438,21 +443,21 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode, mux_printf(mux_id, "GL %s\n", grouplist); talloc_free(session_info); data_blob_free(&in); + talloc_free(mem_ctx); return; } - /* update */ - - nt_status = gensec_update(*gensec_state, NULL, in, &out); + nt_status = gensec_update(*gensec_state, mem_ctx, in, &out); /* don't leak 'bad password'/'no such user' info to the network client */ nt_status = auth_nt_status_squash(nt_status); if (out.length) { - out_base64 = base64_encode_data_blob(NULL, out); + out_base64 = base64_encode_data_blob(mem_ctx, out); } else { out_base64 = NULL; } + if (NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { reply_arg = "*"; if (first) { @@ -517,7 +522,7 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode, } } - SAFE_FREE(out_base64); + talloc_free(mem_ctx); return; } |