diff options
-rw-r--r-- | source3/libads/ads_struct.c | 11 | ||||
-rw-r--r-- | source3/libads/kerberos_keytab.c | 20 | ||||
-rw-r--r-- | source3/libads/ldap_user.c | 5 |
3 files changed, 28 insertions, 8 deletions
diff --git a/source3/libads/ads_struct.c b/source3/libads/ads_struct.c index 8cc2f1215e..aef35ad822 100644 --- a/source3/libads/ads_struct.c +++ b/source3/libads/ads_struct.c @@ -57,12 +57,17 @@ char *ads_build_path(const char *realm, const char *sep, const char *field, int strlcat(ret, p, len); while ((p=strtok_r(NULL, sep, &saveptr)) != NULL) { - char *s; + int retval; + char *s = NULL; if (reverse) - asprintf(&s, "%s%s,%s", field, p, ret); + retval = asprintf(&s, "%s%s,%s", field, p, ret); else - asprintf(&s, "%s,%s%s", ret, field, p); + retval = asprintf(&s, "%s,%s%s", ret, field, p); free(ret); + if (retval == -1) { + free(r); + return NULL; + } ret = SMB_STRDUP(s); free(s); } diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c index c4e67091dd..7c028cb78f 100644 --- a/source3/libads/kerberos_keytab.c +++ b/source3/libads/kerberos_keytab.c @@ -299,17 +299,29 @@ int ads_keytab_add_entry(ADS_STRUCT *ads, const char *srvPrinc) if (strchr_m(srvPrinc, '@')) { /* It's a fully-named principal. */ - asprintf(&princ_s, "%s", srvPrinc); + if (asprintf(&princ_s, "%s", srvPrinc) == -1) { + ret = -1; + goto out; + } } else if (srvPrinc[strlen(srvPrinc)-1] == '$') { /* It's the machine account, as used by smbclient clients. */ - asprintf(&princ_s, "%s@%s", srvPrinc, lp_realm()); + if (asprintf(&princ_s, "%s@%s", srvPrinc, lp_realm()) == -1) { + ret = -1; + goto out; + } } else { /* It's a normal service principal. Add the SPN now so that we * can obtain credentials for it and double-check the salt value * used to generate the service's keys. */ - asprintf(&princ_s, "%s/%s@%s", srvPrinc, my_fqdn, lp_realm()); - asprintf(&short_princ_s, "%s/%s@%s", srvPrinc, machine_name, lp_realm()); + if (asprintf(&princ_s, "%s/%s@%s", srvPrinc, my_fqdn, lp_realm()) == -1) { + ret = -1; + goto out; + } + if (asprintf(&short_princ_s, "%s/%s@%s", srvPrinc, machine_name, lp_realm()) == -1) { + ret = -1; + goto out; + } /* According to http://support.microsoft.com/kb/326985/en-us, certain principal names are automatically mapped to the host/... diff --git a/source3/libads/ldap_user.c b/source3/libads/ldap_user.c index bef2c91292..eecd9045e5 100644 --- a/source3/libads/ldap_user.c +++ b/source3/libads/ldap_user.c @@ -35,7 +35,10 @@ return ADS_ERROR(LDAP_NO_MEMORY); } - asprintf(&ldap_exp, "(samAccountName=%s)", escaped_user); + if (asprintf(&ldap_exp, "(samAccountName=%s)", escaped_user) == -1) { + SAFE_FREE(escaped_user); + return ADS_ERROR(LDAP_NO_MEMORY); + } status = ads_search(ads, res, ldap_exp, attrs); SAFE_FREE(ldap_exp); SAFE_FREE(escaped_user); |