diff options
-rw-r--r-- | source3/include/proto.h | 2 | ||||
-rw-r--r-- | source3/lib/ldap_escape.c | 25 | ||||
-rw-r--r-- | source3/lib/smbldap_util.c | 12 | ||||
-rw-r--r-- | source3/libads/ldap_user.c | 6 | ||||
-rw-r--r-- | source3/passdb/pdb_ldap.c | 45 | ||||
-rw-r--r-- | source3/utils/net_ads.c | 10 | ||||
-rw-r--r-- | source3/winbindd/winbindd_ads.c | 6 |
7 files changed, 54 insertions, 52 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index f887b4e796..c0f4dc10d8 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -554,7 +554,7 @@ void init_ldap_debugging(void); /* The following definitions come from lib/ldap_escape.c */ -char *escape_ldap_string_alloc(const char *s); +char *escape_ldap_string(TALLOC_CTX *mem_ctx, const char *s); char *escape_rdn_val_string_alloc(const char *s); /* The following definitions come from lib/module.c */ diff --git a/source3/lib/ldap_escape.c b/source3/lib/ldap_escape.c index d101bc5ecd..a731cb9864 100644 --- a/source3/lib/ldap_escape.c +++ b/source3/lib/ldap_escape.c @@ -32,10 +32,10 @@ * and to be free()ed by the caller. **/ -char *escape_ldap_string_alloc(const char *s) +char *escape_ldap_string(TALLOC_CTX *mem_ctx, const char *s) { size_t len = strlen(s)+1; - char *output = (char *)SMB_MALLOC(len); + char *output = talloc_array(mem_ctx, char, len); const char *sub; int i = 0; char *p = output; @@ -43,7 +43,7 @@ char *escape_ldap_string_alloc(const char *s) if (output == NULL) { return NULL; } - + while (*s) { switch (*s) @@ -64,14 +64,17 @@ char *escape_ldap_string_alloc(const char *s) sub = NULL; break; } - + if (sub) { + char *tmp; len = len + 3; - output = (char *)SMB_REALLOC(output, len); - if (!output) { + tmp = talloc_realloc(mem_ctx, output, char, len); + if (tmp == NULL) { + TALLOC_FREE(output); return NULL; } - + output = tmp; + p = &output[i]; strncpy (p, sub, 3); p += 3; @@ -84,7 +87,7 @@ char *escape_ldap_string_alloc(const char *s) } s++; } - + *p = '\0'; return output; } @@ -101,7 +104,7 @@ char *escape_rdn_val_string_alloc(const char *s) } p = output; - + while (*s) { switch (*s) @@ -122,10 +125,10 @@ char *escape_rdn_val_string_alloc(const char *s) *p = *s; p++; } - + s++; } - + *p = '\0'; /* resize the string to the actual final size */ diff --git a/source3/lib/smbldap_util.c b/source3/lib/smbldap_util.c index 66aef6ba66..478a3d24ca 100644 --- a/source3/lib/smbldap_util.c +++ b/source3/lib/smbldap_util.c @@ -126,7 +126,7 @@ static NTSTATUS add_new_domain_info(struct smbldap_state *ldap_state, char *escape_domain_name; /* escape for filter */ - escape_domain_name = escape_ldap_string_alloc(domain_name); + escape_domain_name = escape_ldap_string(talloc_tos(), domain_name); if (!escape_domain_name) { DEBUG(0, ("Out of memory!\n")); return NT_STATUS_NO_MEMORY; @@ -135,11 +135,11 @@ static NTSTATUS add_new_domain_info(struct smbldap_state *ldap_state, if (asprintf(&filter, "(&(%s=%s)(objectclass=%s))", get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), escape_domain_name, LDAP_OBJ_DOMINFO) < 0) { - SAFE_FREE(escape_domain_name); + TALLOC_FREE(escape_domain_name); return NT_STATUS_NO_MEMORY; } - SAFE_FREE(escape_domain_name); + TALLOC_FREE(escape_domain_name); attr_list = get_attr_list(NULL, dominfo_attr_list ); rc = smbldap_search_suffix(ldap_state, filter, attr_list, &result); @@ -258,7 +258,7 @@ NTSTATUS smbldap_search_domain_info(struct smbldap_state *ldap_state, int count; char *escape_domain_name; - escape_domain_name = escape_ldap_string_alloc(domain_name); + escape_domain_name = escape_ldap_string(talloc_tos(), domain_name); if (!escape_domain_name) { DEBUG(0, ("Out of memory!\n")); return NT_STATUS_NO_MEMORY; @@ -268,11 +268,11 @@ NTSTATUS smbldap_search_domain_info(struct smbldap_state *ldap_state, LDAP_OBJ_DOMINFO, get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), escape_domain_name) < 0) { - SAFE_FREE(escape_domain_name); + TALLOC_FREE(escape_domain_name); return NT_STATUS_NO_MEMORY; } - SAFE_FREE(escape_domain_name); + TALLOC_FREE(escape_domain_name); DEBUG(2, ("smbldap_search_domain_info: Searching for:[%s]\n", filter)); diff --git a/source3/libads/ldap_user.c b/source3/libads/ldap_user.c index eecd9045e5..69dc05335e 100644 --- a/source3/libads/ldap_user.c +++ b/source3/libads/ldap_user.c @@ -30,18 +30,18 @@ ADS_STATUS status; char *ldap_exp; const char *attrs[] = {"*", NULL}; - char *escaped_user = escape_ldap_string_alloc(user); + char *escaped_user = escape_ldap_string(talloc_tos(), user); if (!escaped_user) { return ADS_ERROR(LDAP_NO_MEMORY); } if (asprintf(&ldap_exp, "(samAccountName=%s)", escaped_user) == -1) { - SAFE_FREE(escaped_user); + TALLOC_FREE(escaped_user); return ADS_ERROR(LDAP_NO_MEMORY); } status = ads_search(ads, res, ldap_exp, attrs); SAFE_FREE(ldap_exp); - SAFE_FREE(escaped_user); + TALLOC_FREE(escaped_user); return status; } diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index 3579325769..173298561f 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -336,7 +336,7 @@ int ldapsam_search_suffix_by_name(struct ldapsam_privates *ldap_state, const char **attr) { char *filter = NULL; - char *escape_user = escape_ldap_string_alloc(user); + char *escape_user = escape_ldap_string(talloc_tos(), user); int ret = -1; if (!escape_user) { @@ -350,7 +350,7 @@ int ldapsam_search_suffix_by_name(struct ldapsam_privates *ldap_state, filter = talloc_asprintf(talloc_tos(), "(&%s%s)", "(uid=%u)", get_objclass_filter(ldap_state->schema_ver)); if (!filter) { - SAFE_FREE(escape_user); + TALLOC_FREE(escape_user); return LDAP_NO_MEMORY; } /* @@ -360,7 +360,7 @@ int ldapsam_search_suffix_by_name(struct ldapsam_privates *ldap_state, filter = talloc_all_string_sub(talloc_tos(), filter, "%u", escape_user); - SAFE_FREE(escape_user); + TALLOC_FREE(escape_user); if (!filter) { return LDAP_NO_MEMORY; } @@ -2120,18 +2120,18 @@ static NTSTATUS ldapsam_add_sam_account(struct pdb_methods *my_methods, struct s /* does the entry already exist but without a samba attributes? we need to return the samba attributes here */ - escape_user = escape_ldap_string_alloc( username ); + escape_user = escape_ldap_string(talloc_tos(), username); filter = talloc_strdup(attr_list, "(uid=%u)"); if (!filter) { status = NT_STATUS_NO_MEMORY; goto fn_exit; } filter = talloc_all_string_sub(attr_list, filter, "%u", escape_user); + TALLOC_FREE(escape_user); if (!filter) { status = NT_STATUS_NO_MEMORY; goto fn_exit; } - SAFE_FREE(escape_user); rc = smbldap_search_suffix(ldap_state->smbldap_state, filter, attr_list, &result); @@ -2278,7 +2278,6 @@ static NTSTATUS ldapsam_add_sam_account(struct pdb_methods *my_methods, struct s fn_exit: TALLOC_FREE(ctx); - SAFE_FREE(escape_user); if (result) { ldap_msgfree(result); } @@ -2528,7 +2527,7 @@ static NTSTATUS ldapsam_getgrnam(struct pdb_methods *methods, GROUP_MAP *map, const char *name) { char *filter = NULL; - char *escape_name = escape_ldap_string_alloc(name); + char *escape_name = escape_ldap_string(talloc_tos(), name); NTSTATUS status; if (!escape_name) { @@ -2540,11 +2539,11 @@ static NTSTATUS ldapsam_getgrnam(struct pdb_methods *methods, GROUP_MAP *map, get_attr_key2string(groupmap_attr_list, LDAP_ATTR_DISPLAY_NAME), escape_name, get_attr_key2string(groupmap_attr_list, LDAP_ATTR_CN), escape_name) < 0) { - SAFE_FREE(escape_name); + TALLOC_FREE(escape_name); return NT_STATUS_NO_MEMORY; } - SAFE_FREE(escape_name); + TALLOC_FREE(escape_name); status = ldapsam_getgroup(methods, filter, map); SAFE_FREE(filter); return status; @@ -2665,20 +2664,19 @@ static NTSTATUS ldapsam_enum_group_members(struct pdb_methods *methods, for (memberuid = values; *memberuid != NULL; memberuid += 1) { char *escape_memberuid; - escape_memberuid = escape_ldap_string_alloc(*memberuid); + escape_memberuid = escape_ldap_string(talloc_tos(), + *memberuid); if (escape_memberuid == NULL) { ret = NT_STATUS_NO_MEMORY; goto done; } filter = talloc_asprintf_append_buffer(filter, "(uid=%s)", escape_memberuid); + TALLOC_FREE(escape_memberuid); if (filter == NULL) { - SAFE_FREE(escape_memberuid); ret = NT_STATUS_NO_MEMORY; goto done; } - - SAFE_FREE(escape_memberuid); } filter = talloc_asprintf_append_buffer(filter, "))"); @@ -2812,7 +2810,7 @@ static NTSTATUS ldapsam_enum_group_memberships(struct pdb_methods *methods, return NT_STATUS_INVALID_PARAMETER; } - escape_name = escape_ldap_string_alloc(pdb_get_username(user)); + escape_name = escape_ldap_string(talloc_tos(), pdb_get_username(user)); if (escape_name == NULL) return NT_STATUS_NO_MEMORY; @@ -2950,7 +2948,7 @@ static NTSTATUS ldapsam_enum_group_memberships(struct pdb_methods *methods, done: - SAFE_FREE(escape_name); + TALLOC_FREE(escape_name); return ret; } @@ -4185,14 +4183,14 @@ static char *get_ldap_filter(TALLOC_CTX *mem_ctx, const char *username) goto done; } - escaped = escape_ldap_string_alloc(username); + escaped = escape_ldap_string(talloc_tos(), username); if (escaped == NULL) goto done; result = talloc_string_sub(mem_ctx, filter, "%u", username); done: SAFE_FREE(filter); - SAFE_FREE(escaped); + TALLOC_FREE(escaped); return result; } @@ -4994,10 +4992,10 @@ static NTSTATUS ldapsam_create_user(struct pdb_methods *my_methods, is_machine = True; } - username = escape_ldap_string_alloc(name); + username = escape_ldap_string(talloc_tos(), name); filter = talloc_asprintf(tmp_ctx, "(&(uid=%s)(objectClass=%s))", username, LDAP_OBJ_POSIXACCOUNT); - SAFE_FREE(username); + TALLOC_FREE(username); rc = smbldap_search_suffix(ldap_state->smbldap_state, filter, NULL, &result); if (rc != LDAP_SUCCESS) { @@ -5270,10 +5268,10 @@ static NTSTATUS ldapsam_create_dom_group(struct pdb_methods *my_methods, gid_t gid = -1; int rc; - groupname = escape_ldap_string_alloc(name); + groupname = escape_ldap_string(talloc_tos(), name); filter = talloc_asprintf(tmp_ctx, "(&(cn=%s)(objectClass=%s))", groupname, LDAP_OBJ_POSIXGROUP); - SAFE_FREE(groupname); + TALLOC_FREE(groupname); rc = smbldap_search_suffix(ldap_state->smbldap_state, filter, NULL, &result); if (rc != LDAP_SUCCESS) { @@ -5702,7 +5700,8 @@ static NTSTATUS ldapsam_set_primary_group(struct pdb_methods *my_methods, return NT_STATUS_NO_MEMORY; } - escape_username = escape_ldap_string_alloc(pdb_get_username(sampass)); + escape_username = escape_ldap_string(talloc_tos(), + pdb_get_username(sampass)); if (escape_username== NULL) { return NT_STATUS_NO_MEMORY; } @@ -5715,7 +5714,7 @@ static NTSTATUS ldapsam_set_primary_group(struct pdb_methods *my_methods, LDAP_OBJ_POSIXACCOUNT, LDAP_OBJ_SAMBASAMACCOUNT); - SAFE_FREE(escape_username); + TALLOC_FREE(escape_username); if (filter == NULL) { return NT_STATUS_NO_MEMORY; diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index d82715eb45..f746fc6bd5 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -521,7 +521,7 @@ static int ads_user_info(struct net_context *c, int argc, const char **argv) return net_ads_user_usage(c, argc, argv); } - escaped_user = escape_ldap_string_alloc(argv[0]); + escaped_user = escape_ldap_string(talloc_tos(), argv[0]); if (!escaped_user) { d_fprintf(stderr, "ads_user_info: failed to escape user %s\n", argv[0]); @@ -529,12 +529,12 @@ static int ads_user_info(struct net_context *c, int argc, const char **argv) } if (!ADS_ERR_OK(ads_startup(c, false, &ads))) { - SAFE_FREE(escaped_user); + TALLOC_FREE(escaped_user); return -1; } if (asprintf(&searchstring, "(sAMAccountName=%s)", escaped_user) == -1) { - SAFE_FREE(escaped_user); + TALLOC_FREE(escaped_user); return -1; } rc = ads_search(ads, &res, searchstring, attrs); @@ -543,7 +543,7 @@ static int ads_user_info(struct net_context *c, int argc, const char **argv) if (!ADS_ERR_OK(rc)) { d_fprintf(stderr, "ads_search: %s\n", ads_errstr(rc)); ads_destroy(&ads); - SAFE_FREE(escaped_user); + TALLOC_FREE(escaped_user); return -1; } @@ -563,7 +563,7 @@ static int ads_user_info(struct net_context *c, int argc, const char **argv) ads_msgfree(ads, res); ads_destroy(&ads); - SAFE_FREE(escaped_user); + TALLOC_FREE(escaped_user); return 0; } diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c index 0f40419a0e..edd70667c0 100644 --- a/source3/winbindd/winbindd_ads.c +++ b/source3/winbindd/winbindd_ads.c @@ -608,7 +608,7 @@ static NTSTATUS lookup_usergroups_member(struct winbindd_domain *domain, goto done; } - if (!(escaped_dn = escape_ldap_string_alloc(user_dn))) { + if (!(escaped_dn = escape_ldap_string(talloc_tos(), user_dn))) { status = NT_STATUS_NO_MEMORY; goto done; } @@ -620,12 +620,12 @@ static NTSTATUS lookup_usergroups_member(struct winbindd_domain *domain, GROUP_TYPE_SECURITY_ENABLED); if (!ldap_exp) { DEBUG(1,("lookup_usergroups(dn=%s) asprintf failed!\n", user_dn)); - SAFE_FREE(escaped_dn); + TALLOC_FREE(escaped_dn); status = NT_STATUS_NO_MEMORY; goto done; } - SAFE_FREE(escaped_dn); + TALLOC_FREE(escaped_dn); rc = ads_search_retry(ads, &res, ldap_exp, group_attrs); |